From 364fe00b17ddfeb9f2bdf16298eda84866d58d27 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Wed, 27 Sep 2023 19:09:56 +0200 Subject: [PATCH 01/54] atftp: bump to release 0.8.0 Bump to release 0.8.0. Autorecong is now needed to correctly compile the package. Signed-off-by: Christian Marangi --- net/atftp/Makefile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/net/atftp/Makefile b/net/atftp/Makefile index 9478f06975..bee43615f7 100644 --- a/net/atftp/Makefile +++ b/net/atftp/Makefile @@ -7,12 +7,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=atftp -PKG_VERSION:=0.7.5 +PKG_VERSION:=0.8.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@SF/$(PKG_NAME) -PKG_HASH:=93c87a4fb18218414e008e01c995dadd231ba4c752d0f894b34416d1e6d3038a +PKG_HASH:=df2aa089c7670f9eab40e5598e5d2cb6a582dc5182926ea50b4d690e4e37f316 PKG_MAINTAINER:=Daniel Danzberger PKG_LICENSE:=GPL-2.0-or-later @@ -21,6 +21,8 @@ PKG_LICENSE_FILES:=LICENSE PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 +PKG_FIXUP:=autoreconf + include $(INCLUDE_DIR)/package.mk define Package/atftp/Default From f81a1a1212c17f460721fe6f4d4497e66ee418c6 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Wed, 27 Sep 2023 19:10:39 +0200 Subject: [PATCH 02/54] atftp: move to PCRE2 Move atftp to PCRE2 as PCRE is flagged as EOL and won't receive security updates anymore. Signed-off-by: Christian Marangi --- net/atftp/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/atftp/Makefile b/net/atftp/Makefile index bee43615f7..cabdd3efd3 100644 --- a/net/atftp/Makefile +++ b/net/atftp/Makefile @@ -40,7 +40,7 @@ endef define Package/atftpd $(call Package/atftp/Default) - DEPENDS:=+libpcre +libpthread + DEPENDS:=+libpcre2 +libpthread TITLE+= server endef From 41922f33b5f2cbc58e504469cdcd14ffa33ee5f3 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Sun, 1 Oct 2023 00:43:21 +0200 Subject: [PATCH 03/54] aircrack-ng: bump to release 1.7 Bump aircrack-ng to release 1.7 Changelog from [1] Airdecap-ng: Endianness fixes Airdecap-ng: Output PCAP as little endian Airodump-ng: Fixed blank encryption field when APs have TKIP (and/or CCMP) with WPA2 Airodump-ng: Updated encryption filter (-t/--encrypt) for WPA3 and OWE Airodump-ng: Fixed out-of-order timestamp captures Airodump-ng: Ignore NULL PMKID Airodump-ng: Fixed dropping management frames with zeroed timestamp Airodump-ng: Fixed sorting where sometimes it started with a different field Airodump-ng: Allow setting colors only in AP selection mode Airodump-ng: Fix crash on 4K Linux console Airodump-ng: Fixed issue where existing clients not linked to an AP become hidden when hitting 'o' Airodump-ng: Allow use of WiFi 6E 6GHz frequencies Airodump-ng: Look for oui.txt in /usr/share/hwdata Airgraph-ng: Fixed graphviz package conflict Airgraph-ng: Fixed downloading OUI with python3 Airgraph-ng: Ensure support/ directory is created when installing Aircrack-ng: Fixed static compilation Aircrack-ng: Fix handshake replay counter logic Aircrack-ng: Handle timeout when parsing EAPOL Aircrack-ng: Fixed WEP display Aircrack-ng: Fixed spurious EXIT messages Aircrack-ng: Improved handshake selection by fixing EAPOL timing and clearing state Aircrack-ng: Ignore NULL PMKID Aircrack-ng: Added Apple M1 detection Aireplay-ng: In test mode, detect tampering of sequence number by firmware/driver Aireplay-ng: Fixed incorrectly rewritten loops affecting fragmentation attack, and in some cases, SKA fake auth Aireplay-ng: Fixed a bunch of instances where packets had their duration updated instead of the sequence number Airmon-ng: Fix avahi killing Airmon-ng: rewrite service stopping entirely Airmon-ng: Codestyle fixes and code cleanup Airmon-ng: Added a few Raspberry Pi hardware revisions Airmon-ng: Fixes for 8812au driver Airmon-ng: Fix iwlwifi firmware formatting Airmon-ng: Remove broken KVM detection Airmon-ng: Show regdomain in verbose mode Airmon-ng: Updated Raspberry Pi hardware revisions Airmon-ng: Document frequency usage Airmon-ng: Add a sleep to help predictable names due to udev sometimes renaming interface Airmon-ng: Added warning for broken radiotap headers in kernel 5.15 to 5.15.4 Airmon-ng: shellcheck fixes Airmon-ng: support systemctl as some systems don't support 'service' anymore Airmon-ng: Fixes for pciutils 3.8, backward compatible Airbase-ng: use enum for frame type/subtype Airbase-ng: remove a few IE in association responses Besside-ng: Support and detect all channels in 5GHz in Auto-Channel mode OSdep: Search additional IE for channel information OSdep: Android macro fixes Patches: Add missing patches that were on https://patches.aircrack-ng.org but not in repo Patches: Updated freeradius-wpe patch for v3.2.0 Patches: Updated hostapd-wpe patch for v2.10 Patches: Added docker containers to test WPE patches Autotools: make dist now creates VERSION file Autotools: Added maintainer mode Autotools: Initial support for Link Time Optimization (LTO) builds Integration tests: Added a new test, and improved some existing ones Airgraph-ng: switch airodump-join to Python 3 Manpages: Fixes (typos, tools name, etc.) and improvements README: Updated dependencies and their installation on various distros in README.md and INSTALLING README: Fixed typos and spelling in README.md and INSTALLING Packages: Packages on PackageCloud now support any distro using .deb and .rpm, however, it requires reinstalling repo (BREAKING CHANGE) General: Fix compilation with LibreSSL 3.5 General: Fix issues reported by Infer General: Updated buildbots General: Add Linux uclibc support General: Compilation fixes on macOS with the Apple M1 CPU General: Removed TravisCI and AppVeyor General: Use Github Actions for CI (Linux, Win, macOS, code style, and PVS-Studio) General: Added vscode devcontainer and documentation General: Fix warnings from PVS-Studio and build with pedantic (See PR2174) General: Shell script fixes thanks to shellcheck General: Fixes for GCC 10 and 11 General: Fixed cross-compilation General: Code refactoring, deduplication, cleanup, and misc code improvements General: Coverity Scan fixes, which includes memory leaks, race conditions, division by 0, and other issues General: PVS Studio improvements,fixes and updates General: Code formatting/style fixes General: Various fixes and improvements (code, CI, integration tests, coverity) General: Update bug reporting template and update the process [1] https://aircrack-ng.blogspot.com/2022/05/aircrack-ng-17.html Signed-off-by: Christian Marangi --- net/aircrack-ng/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/aircrack-ng/Makefile b/net/aircrack-ng/Makefile index 1323a0e6b8..34ec2055e0 100644 --- a/net/aircrack-ng/Makefile +++ b/net/aircrack-ng/Makefile @@ -8,15 +8,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=aircrack-ng -PKG_VERSION:=1.6 -PKG_RELEASE:=3 +PKG_VERSION:=1.7 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=LICENSE PKG_CPE_ID:=cpe:/a:aircrack-ng:aircrack-ng PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://download.aircrack-ng.org/ -PKG_HASH:=4f0bfd486efc6ea7229f7fbc54340ff8b2094a0d73e9f617e0a39f878999a247 +PKG_HASH:=05a704e3c8f7792a17315080a21214a4448fd2452c1b0dd5226a3a55f90b58c3 PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 From cb1f7c7ee4e5e0978a3004a94af8016c85791eed Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Sun, 1 Oct 2023 00:45:06 +0200 Subject: [PATCH 04/54] aircrack-ng: backport patch and move package to pcre2 Backport patch merged upstream for PCRE2 support and move package to pcre2. Also add an additional patch pending to fix linking both pcre and pcre2 if autotools detect both library. (aircrack-ng prefer pcre2 in presence of both) Signed-off-by: Christian Marangi --- net/aircrack-ng/Makefile | 2 +- ...100-01-autotools-add-PCRE2-detection.patch | 94 ++++++++++ ...100-02-airodump-ng-add-PCRE2-support.patch | 142 +++++++++++++++ .../100-03-besside-ng-add-PCRE2-support.patch | 146 ++++++++++++++++ ...4-makefile-add-PCRE2-to-linker-flags.patch | 29 +++ ...ump_write-remove-unused-PCRE-include.patch | 21 +++ ...pat-pcre-add-compat-type-PCRE-header.patch | 114 ++++++++++++ ...0-08-airodump-ng-utilize-compat-pcre.patch | 146 ++++++++++++++++ ...00-09-besside-ng-utilize-compat-pcre.patch | 165 ++++++++++++++++++ ...-PCRE2_CFLAGS-to-airodump-and-bessid.patch | 29 +++ ...-PCRE2-to-libaccrypto-and-libaircrac.patch | 37 ++++ ...icate-if-PCRE-or-PCRE2-is-being-used.patch | 132 ++++++++++++++ ...PCRE-CFLAGS-LIBS-with-both-PCRE-and-.patch | 39 +++++ 13 files changed, 1095 insertions(+), 1 deletion(-) create mode 100644 net/aircrack-ng/patches/100-01-autotools-add-PCRE2-detection.patch create mode 100644 net/aircrack-ng/patches/100-02-airodump-ng-add-PCRE2-support.patch create mode 100644 net/aircrack-ng/patches/100-03-besside-ng-add-PCRE2-support.patch create mode 100644 net/aircrack-ng/patches/100-04-makefile-add-PCRE2-to-linker-flags.patch create mode 100644 net/aircrack-ng/patches/100-05-airodump-ng-dump_write-remove-unused-PCRE-include.patch create mode 100644 net/aircrack-ng/patches/100-07-compat-pcre-add-compat-type-PCRE-header.patch create mode 100644 net/aircrack-ng/patches/100-08-airodump-ng-utilize-compat-pcre.patch create mode 100644 net/aircrack-ng/patches/100-09-besside-ng-utilize-compat-pcre.patch create mode 100644 net/aircrack-ng/patches/101-02-src-makefile-add-PCRE2_CFLAGS-to-airodump-and-bessid.patch create mode 100644 net/aircrack-ng/patches/101-03-lib-makefile-add-PCRE2-to-libaccrypto-and-libaircrac.patch create mode 100644 net/aircrack-ng/patches/102-autotools-indicate-if-PCRE-or-PCRE2-is-being-used.patch create mode 100644 net/aircrack-ng/patches/103-autotools-reset-PCRE-CFLAGS-LIBS-with-both-PCRE-and-.patch diff --git a/net/aircrack-ng/Makefile b/net/aircrack-ng/Makefile index 34ec2055e0..70a13a0d46 100644 --- a/net/aircrack-ng/Makefile +++ b/net/aircrack-ng/Makefile @@ -40,7 +40,7 @@ include $(INCLUDE_DIR)/package.mk define Package/aircrack-ng SECTION:=net CATEGORY:=Network - DEPENDS:=+AIRCRACK_NG_HWLOC:libhwloc +libpcap +libpcre +libpthread +libstdcpp + DEPENDS:=+AIRCRACK_NG_HWLOC:libhwloc +libpcap +libpcre2 +libpthread +libstdcpp DEPENDS += +AIRCRACK_NG_OPENSSL:libopenssl DEPENDS += +AIRCRACK_NG_GCRYPT:libgcrypt DEPENDS += +AIRCRACK_NG_SQLITE3:libsqlite3 diff --git a/net/aircrack-ng/patches/100-01-autotools-add-PCRE2-detection.patch b/net/aircrack-ng/patches/100-01-autotools-add-PCRE2-detection.patch new file mode 100644 index 0000000000..95079ef7f3 --- /dev/null +++ b/net/aircrack-ng/patches/100-01-autotools-add-PCRE2-detection.patch @@ -0,0 +1,94 @@ +From 6b05dc10cdcf45d50bc8f9dd74667a3ff399a059 Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Fri, 20 Jan 2023 14:52:12 +0100 +Subject: [PATCH 1/9] autotools: add PCRE2 detection + +--- + build/m4/aircrack_ng_pcre2.m4 | 61 +++++++++++++++++++++++++++++++++++ + configure.ac | 2 ++ + 2 files changed, 63 insertions(+) + create mode 100644 build/m4/aircrack_ng_pcre2.m4 + +--- /dev/null ++++ b/build/m4/aircrack_ng_pcre2.m4 +@@ -0,0 +1,61 @@ ++dnl Aircrack-ng ++dnl ++dnl Copyright (C) 2023 Andras Gemes ++dnl ++dnl Autotool support was written by: Joseph Benden ++dnl ++dnl This program is free software; you can redistribute it and/or modify ++dnl it under the terms of the GNU General Public License as published by ++dnl the Free Software Foundation; either version 2 of the License, or ++dnl (at your option) any later version. ++dnl ++dnl This program is distributed in the hope that it will be useful, ++dnl but WITHOUT ANY WARRANTY; without even the implied warranty of ++dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++dnl GNU General Public License for more details. ++dnl ++dnl You should have received a copy of the GNU General Public License ++dnl along with this program; if not, write to the Free Software ++dnl Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA ++dnl ++dnl In addition, as a special exception, the copyright holders give ++dnl permission to link the code of portions of this program with the ++dnl OpenSSL library under certain conditions as described in each ++dnl individual source file, and distribute linked combinations ++dnl including the two. ++dnl ++dnl You must obey the GNU General Public License in all respects ++dnl for all of the code used other than OpenSSL. ++dnl ++dnl If you modify file(s) with this exception, you may extend this ++dnl exception to your dnl version of the file(s), but you are not obligated ++dnl to do so. ++dnl ++dnl If you dnl do not wish to do so, delete this exception statement from your ++dnl version. ++dnl ++dnl If you delete this exception statement from all source files in the ++dnl program, then also delete it here. ++ ++AC_DEFUN([AIRCRACK_NG_PCRE2], [ ++AC_ARG_ENABLE(static-pcre2, ++ AS_HELP_STRING([--enable-static-pcre2], ++ [Enable statically linked PCRE2 libpcre2-8.]), ++ [static_pcre2=$enableval], [static_pcre2=no]) ++ ++if test "x$static_pcre2" != "xno"; then ++ AC_REQUIRE([AX_EXT_HAVE_STATIC_LIB_DETECT]) ++ AX_EXT_HAVE_STATIC_LIB(PCRE2, ${DEFAULT_STATIC_LIB_SEARCH_PATHS}, pcre2 libpcre2-8, pcre2_version) ++ if test "x$PCRE2_FOUND" = xyes; then ++ HAVE_PCRE2=yes ++ else ++ HAVE_PCRE2=no ++ fi ++else ++ PKG_CHECK_MODULES(PCRE2, libpcre2-8, HAVE_PCRE2=yes, HAVE_PCRE2=no) ++fi ++ ++AS_IF([test "x$HAVE_PCRE2" = "xyes"], [ ++ AC_DEFINE([HAVE_PCRE2], [1], [Define this if you have libpcre2-8 on your system]) ++]) ++]) +\ No newline at end of file +--- a/configure.ac ++++ b/configure.ac +@@ -144,6 +144,7 @@ AIRCRACK_NG_EXT_SCRIPTS + AIRCRACK_NG_HWLOC + AIRCRACK_NG_PCAP + AIRCRACK_NG_PCRE ++AIRCRACK_NG_PCRE2 + AIRCRACK_NG_RFKILL + AIRCRACK_NG_SQLITE + AIRCRACK_NG_ZLIB +@@ -320,6 +321,7 @@ ${PACKAGE} ${VERSION} + Jemalloc: ${JEMALLOC} + Pcap: ${PCAP_FOUND} + Pcre: ${HAVE_PCRE} ++ Pcre2: ${HAVE_PCRE2} + Sqlite: ${HAVE_SQLITE3} + Tcmalloc: ${TCMALLOC} + Zlib: ${HAVE_ZLIB} diff --git a/net/aircrack-ng/patches/100-02-airodump-ng-add-PCRE2-support.patch b/net/aircrack-ng/patches/100-02-airodump-ng-add-PCRE2-support.patch new file mode 100644 index 0000000000..63210b681b --- /dev/null +++ b/net/aircrack-ng/patches/100-02-airodump-ng-add-PCRE2-support.patch @@ -0,0 +1,142 @@ +From 37bc38a1749f61f3e54dbebca7b33df844b6de82 Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Fri, 20 Jan 2023 14:53:59 +0100 +Subject: [PATCH 2/9] airodump-ng: add PCRE2 support + +--- + src/airodump-ng/airodump-ng.c | 75 +++++++++++++++++++++++++++++++---- + 1 file changed, 67 insertions(+), 8 deletions(-) + +--- a/src/airodump-ng/airodump-ng.c ++++ b/src/airodump-ng/airodump-ng.c +@@ -68,7 +68,10 @@ + + #include + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++#define PCRE2_CODE_UNIT_WIDTH 8 ++#include ++#elif defined HAVE_PCRE + #include + #endif + +@@ -150,7 +153,10 @@ static struct local_options + unsigned char prev_bssid[6]; + char ** f_essid; + int f_essid_count; +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ pcre2_code * f_essid_regex; ++ pcre2_match_data * f_essid_match_data; ++#elif defined HAVE_PCRE + pcre * f_essid_regex; + #endif + char * dump_prefix; +@@ -784,7 +790,7 @@ static const char usage[] = + " --netmask : Filter APs by mask\n" + " --bssid : Filter APs by BSSID\n" + " --essid : Filter APs by ESSID\n" +-#ifdef HAVE_PCRE ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + " --essid-regex : Filter APs by ESSID using a regular\n" + " expression\n" + #endif +@@ -857,7 +863,22 @@ int is_filtered_essid(const uint8_t * es + ret = 1; + } + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ if (lopt.f_essid_regex) ++ { ++ lopt.f_essid_match_data ++ = pcre2_match_data_create_from_pattern(lopt.f_essid_regex, NULL); ++ ++ return pcre2_match(lopt.f_essid_regex, ++ (PCRE2_SPTR) essid, ++ (int) strnlen((char *) essid, ESSID_LENGTH), ++ 0, ++ 0, ++ lopt.f_essid_match_data, ++ 0) ++ < 0; ++ } ++#elif defined HAVE_PCRE + if (lopt.f_essid_regex) + { + return pcre_exec(lopt.f_essid_regex, +@@ -5782,7 +5803,10 @@ int main(int argc, char * argv[]) + int wi_read_failed = 0; + int n = 0; + int output_format_first_time = 1; +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ int pcreerror; ++ PCRE2_SIZE pcreerroffset; ++#elif defined HAVE_PCRE + const char * pcreerror; + int pcreerroffset; + #endif +@@ -5938,7 +5962,9 @@ int main(int argc, char * argv[]) + #ifdef CONFIG_LIBNL + lopt.htval = CHANNEL_NO_HT; + #endif +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ lopt.f_essid_regex = NULL; ++#elif defined HAVE_PCRE + lopt.f_essid_regex = NULL; + #endif + +@@ -6359,7 +6385,34 @@ int main(int argc, char * argv[]) + + case 'R': + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ if (lopt.f_essid_regex != NULL) ++ { ++ printf("Error: ESSID regular expression already given. " ++ "Aborting\n"); ++ exit(EXIT_FAILURE); ++ } ++ ++ lopt.f_essid_regex = pcre2_compile((PCRE2_SPTR) optarg, ++ PCRE2_ZERO_TERMINATED, ++ 0, ++ &pcreerror, ++ &pcreerroffset, ++ NULL); ++ ++ if (lopt.f_essid_regex == NULL) ++ { ++ PCRE2_UCHAR pcreerrbuffer[256]; ++ pcre2_get_error_message( ++ pcreerror, pcreerrbuffer, sizeof(pcreerrbuffer)); ++ ++ printf("Error: regular expression compilation failed at " ++ "offset %lu: %s; aborting\n", ++ pcreerroffset, ++ pcreerrbuffer); ++ exit(EXIT_FAILURE); ++ } ++#elif defined HAVE_PCRE + if (lopt.f_essid_regex != NULL) + { + printf("Error: ESSID regular expression already given. " +@@ -7297,7 +7350,13 @@ int main(int argc, char * argv[]) + + if (lopt.keyout) free(lopt.keyout); + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ if (lopt.f_essid_regex) ++ { ++ pcre2_match_data_free(lopt.f_essid_match_data); ++ pcre2_code_free(lopt.f_essid_regex); ++ } ++#elif defined HAVE_PCRE + if (lopt.f_essid_regex) pcre_free(lopt.f_essid_regex); + #endif + diff --git a/net/aircrack-ng/patches/100-03-besside-ng-add-PCRE2-support.patch b/net/aircrack-ng/patches/100-03-besside-ng-add-PCRE2-support.patch new file mode 100644 index 0000000000..810007eaa8 --- /dev/null +++ b/net/aircrack-ng/patches/100-03-besside-ng-add-PCRE2-support.patch @@ -0,0 +1,146 @@ +From dbc80d96cfba2dab959ab20bf76f8dd4f517bd29 Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Fri, 20 Jan 2023 14:55:18 +0100 +Subject: [PATCH 3/9] besside-ng: add PCRE2 support + +--- + src/besside-ng/besside-ng.c | 86 ++++++++++++++++++++++++++++++++++--- + 1 file changed, 79 insertions(+), 7 deletions(-) + +--- a/src/besside-ng/besside-ng.c ++++ b/src/besside-ng/besside-ng.c +@@ -57,7 +57,10 @@ + #include + #include + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++#define PCRE2_CODE_UNIT_WIDTH 8 ++#include ++#elif defined HAVE_PCRE + #include + #endif + +@@ -155,7 +158,10 @@ static struct conf + int cf_do_wep; + int cf_do_wpa; + char * cf_wpa_server; +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ pcre2_code * cf_essid_regex; ++ pcre2_match_data * cf_essid_match_data; ++#elif defined HAVE_PCRE + pcre * cf_essid_regex; + #endif + } _conf; +@@ -1116,7 +1122,31 @@ static void attack_ping(void * a) + timer_in(100 * 1000, attack_ping, n); + } + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++static int is_filtered_essid(char * essid) ++{ ++ REQUIRE(essid != NULL); ++ ++ int ret = 0; ++ ++ if (_conf.cf_essid_regex) ++ { ++ _conf.cf_essid_match_data ++ = pcre2_match_data_create_from_pattern(_conf.cf_essid_regex, NULL); ++ ++ return pcre2_match(_conf.cf_essid_regex, ++ (PCRE2_SPTR) essid, ++ (int) strnlen((char *) essid, MAX_IE_ELEMENT_SIZE), ++ 0, ++ 0, ++ _conf.cf_essid_match_data, ++ 0) ++ < 0; ++ } ++ ++ return (ret); ++} ++#elif defined HAVE_PCRE + static int is_filtered_essid(char * essid) + { + REQUIRE(essid != NULL); +@@ -1148,7 +1178,12 @@ static int should_attack(struct network + if (_conf.cf_bssid && memcmp(_conf.cf_bssid, n->n_bssid, 6) != 0) + return (0); + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ if (is_filtered_essid(n->n_ssid)) ++ { ++ return (0); ++ } ++#elif defined HAVE_PCRE + if (is_filtered_essid(n->n_ssid)) + { + return (0); +@@ -3007,7 +3042,13 @@ static void cleanup(int UNUSED(x)) + + print_work(); + +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ if (_conf.cf_essid_regex) ++ { ++ pcre2_match_data_free(_conf.cf_essid_match_data); ++ pcre2_code_free(_conf.cf_essid_regex); ++ } ++#elif defined HAVE_PCRE + if (_conf.cf_essid_regex) pcre_free(_conf.cf_essid_regex); + #endif + +@@ -3295,7 +3336,10 @@ static void usage(char * prog) + int main(int argc, char * argv[]) + { + int ch, temp; +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ int pcreerror; ++ PCRE2_SIZE pcreerroffset; ++#elif defined HAVE_PCRE + const char * pcreerror; + int pcreerroffset; + #endif +@@ -3349,7 +3393,35 @@ int main(int argc, char * argv[]) + break; + + case 'R': +-#ifdef HAVE_PCRE ++#ifdef HAVE_PCRE2 ++ if (_conf.cf_essid_regex != NULL) ++ { ++ printf("Error: ESSID regular expression already given. " ++ "Aborting\n"); ++ exit(EXIT_FAILURE); ++ } ++ ++ _conf.cf_essid_regex = pcre2_compile((PCRE2_SPTR) optarg, ++ PCRE2_ZERO_TERMINATED, ++ 0, ++ &pcreerror, ++ &pcreerroffset, ++ NULL); ++ ++ if (_conf.cf_essid_regex == NULL) ++ { ++ PCRE2_UCHAR pcreerrbuffer[256]; ++ pcre2_get_error_message( ++ pcreerror, pcreerrbuffer, sizeof(pcreerrbuffer)); ++ ++ printf("Error: regular expression compilation failed at " ++ "offset %lu: %s; aborting\n", ++ pcreerroffset, ++ pcreerrbuffer); ++ exit(EXIT_FAILURE); ++ } ++ break; ++#elif defined HAVE_PCRE + if (_conf.cf_essid_regex != NULL) + { + printf("Error: ESSID regular expression already given. " diff --git a/net/aircrack-ng/patches/100-04-makefile-add-PCRE2-to-linker-flags.patch b/net/aircrack-ng/patches/100-04-makefile-add-PCRE2-to-linker-flags.patch new file mode 100644 index 0000000000..be5b886c5a --- /dev/null +++ b/net/aircrack-ng/patches/100-04-makefile-add-PCRE2-to-linker-flags.patch @@ -0,0 +1,29 @@ +From ca05a44c449be3c433ea67c04f11d544ab62395f Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Fri, 20 Jan 2023 14:57:16 +0100 +Subject: [PATCH 4/9] makefile: add PCRE2 to linker flags + +--- + src/Makefile.inc | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/src/Makefile.inc ++++ b/src/Makefile.inc +@@ -130,7 +130,7 @@ aireplay_ng_LDADD = $(COMMON_LDADD) $(L + airodump_ng_SOURCES = $(SRC_ADU) $(SRC_DWRITE) + airodump_ng_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(LIBNL_CFLAGS) + airodump_ng_CPPFLAGS = $(AM_CPPFLAGS) -I$(abs_srcdir)/src/airodump-ng +-airodump_ng_LDADD = $(COMMON_LDADD) $(PCRE_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(LIBAIRCRACK_CE_WEP_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) ++airodump_ng_LDADD = $(COMMON_LDADD) $(PCRE_LIBS) $(PCRE2_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(LIBAIRCRACK_CE_WEP_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) + + airserv_ng_SOURCES = $(SRC_AS) + airserv_ng_CFLAGS = $(COMMON_CFLAGS) $(LIBNL_CFLAGS) +@@ -164,7 +164,7 @@ buddy_ng_LDADD = $(COMMON_LDADD) $(LIBA + + besside_ng_SOURCES = $(SRC_BS) + besside_ng_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(LIBNL_CFLAGS) +-besside_ng_LDADD = $(COMMON_LDADD) $(PCRE_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(LIBPTW_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) ++besside_ng_LDADD = $(COMMON_LDADD) $(PCRE_LIBS) $(PCRE2_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(LIBPTW_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) + + besside_ng_crawler_SOURCES = $(SRC_BC) + besside_ng_crawler_CFLAGS = $(COMMON_CFLAGS) $(PCAP_CFLAGS) diff --git a/net/aircrack-ng/patches/100-05-airodump-ng-dump_write-remove-unused-PCRE-include.patch b/net/aircrack-ng/patches/100-05-airodump-ng-dump_write-remove-unused-PCRE-include.patch new file mode 100644 index 0000000000..6b64fb63e9 --- /dev/null +++ b/net/aircrack-ng/patches/100-05-airodump-ng-dump_write-remove-unused-PCRE-include.patch @@ -0,0 +1,21 @@ +From fa532b05d48e856c774837b83a3323dafcc8c33e Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Fri, 20 Jan 2023 14:58:35 +0100 +Subject: [PATCH 5/9] airodump-ng/dump_write: remove unused PCRE include + +--- + src/airodump-ng/dump_write.c | 3 --- + 1 file changed, 3 deletions(-) + +--- a/src/airodump-ng/dump_write.c ++++ b/src/airodump-ng/dump_write.c +@@ -45,9 +45,6 @@ + #include // ftruncate + #include // ftruncate + #include +-#ifdef HAVE_PCRE +-#include +-#endif + + #include "aircrack-ng/defs.h" + #include "airodump-ng.h" diff --git a/net/aircrack-ng/patches/100-07-compat-pcre-add-compat-type-PCRE-header.patch b/net/aircrack-ng/patches/100-07-compat-pcre-add-compat-type-PCRE-header.patch new file mode 100644 index 0000000000..51df8ea2b9 --- /dev/null +++ b/net/aircrack-ng/patches/100-07-compat-pcre-add-compat-type-PCRE-header.patch @@ -0,0 +1,114 @@ +From bac9b5fed2bb29e13326c90d7c12a6936fe9f04b Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Sat, 21 Jan 2023 19:29:58 +0100 +Subject: [PATCH 7/9] compat-pcre: add compat-type PCRE header + +--- + include/Makefile.inc | 1 + + include/aircrack-ng/pcre/compat-pcre.h | 90 ++++++++++++++++++++++++++ + 2 files changed, 91 insertions(+) + create mode 100644 include/aircrack-ng/pcre/compat-pcre.h + +--- a/include/Makefile.inc ++++ b/include/Makefile.inc +@@ -71,6 +71,7 @@ nobase_aircrack_HEADERS = %D%/aircrack- + %D%/aircrack-ng/osdep/network.h \ + %D%/aircrack-ng/osdep/osdep.h \ + %D%/aircrack-ng/osdep/packed.h \ ++ %D%/aircrack-ng/pcre/compat-pcre.h \ + %D%/aircrack-ng/ptw/aircrack-ptw-lib.h \ + %D%/aircrack-ng/support/common.h \ + %D%/aircrack-ng/support/communications.h \ +--- /dev/null ++++ b/include/aircrack-ng/pcre/compat-pcre.h +@@ -0,0 +1,90 @@ ++/* ++* Copyright (C) 2023 Andras Gemes ++* ++* This program is free software; you can redistribute it and/or modify ++* it under the terms of the GNU General Public License as published by ++* the Free Software Foundation; either version 2 of the License, or ++* (at your option) any later version. ++* ++* This program is distributed in the hope that it will be useful, ++* but WITHOUT ANY WARRANTY; without even the implied warranty of ++* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++* GNU General Public License for more details. ++* ++* You should have received a copy of the GNU General Public License ++* along with this program; if not, write to the Free Software ++* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA ++* ++* ++* In addition, as a special exception, the copyright holders give ++* permission to link the code of portions of this program with the ++* OpenSSL library under certain conditions as described in each ++* individual source file, and distribute linked combinations ++* including the two. ++* You must obey the GNU General Public License in all respects ++* for all of the code used other than OpenSSL. * If you modify ++* file(s) with this exception, you may extend this exception to your ++* version of the file(s), but you are not obligated to do so. * If you ++* do not wish to do so, delete this exception statement from your ++* version. * If you delete this exception statement from all source ++* files in the program, then also delete it here. ++*/ ++ ++#ifndef AIRCRACK_NG_COMPAT_PCRE_H ++#define AIRCRACK_NG_COMPAT_PCRE_H ++ ++#ifdef HAVE_PCRE2 ++#define PCRE2_CODE_UNIT_WIDTH 8 ++#include ++#elif defined HAVE_PCRE ++#include ++#endif ++ ++#ifdef HAVE_PCRE2 ++#define COMPAT_PCRE_COMPILE(pattern, pcreerror, pcreerroffset) \ ++ pcre2_compile((PCRE2_SPTR) (pattern), \ ++ PCRE2_ZERO_TERMINATED, \ ++ 0, \ ++ (pcreerror), \ ++ (pcreerroffset), \ ++ NULL) ++#elif defined HAVE_PCRE ++#define COMPAT_PCRE_COMPILE(pattern, pcreerror, pcreerroffset) \ ++ pcre_compile((pattern), 0, (pcreerror), (pcreerroffset), NULL) ++#endif ++ ++#ifdef HAVE_PCRE2 ++#define COMPAT_PCRE_MATCH(regex, essid, length, match_data) \ ++ pcre2_match((regex), \ ++ (PCRE2_SPTR) (essid), \ ++ (int) strnlen((char *) (essid), (length)), \ ++ 0, \ ++ 0, \ ++ (match_data), \ ++ 0) ++#elif defined HAVE_PCRE ++#define COMPAT_PCRE_MATCH(regex, essid, length, match_data) \ ++ pcre_exec((regex), \ ++ NULL, \ ++ (char *) (essid), \ ++ strnlen((char *) (essid), (length)), \ ++ 0, \ ++ 0, \ ++ NULL, \ ++ 0) ++#endif ++ ++#ifdef HAVE_PCRE2 ++#define COMPAT_PCRE_PRINT_ERROR(pcreerroffset, pcreerr) \ ++ printf("Error: regular expression compilation failed at " \ ++ "offset %zu: %s; aborting\n", \ ++ (pcreerroffset), \ ++ (pcreerr)) ++#elif defined HAVE_PCRE ++#define COMPAT_PCRE_PRINT_ERROR(pcreerroffset, pcreerrorbuf) \ ++ printf("Error: regular expression compilation failed at " \ ++ "offset %d: %s; aborting\n", \ ++ (pcreerroffset), \ ++ (pcreerrorbuf)) ++#endif ++#endif //AIRCRACK_NG_COMPAT_PCRE_H diff --git a/net/aircrack-ng/patches/100-08-airodump-ng-utilize-compat-pcre.patch b/net/aircrack-ng/patches/100-08-airodump-ng-utilize-compat-pcre.patch new file mode 100644 index 0000000000..732c6a1dc3 --- /dev/null +++ b/net/aircrack-ng/patches/100-08-airodump-ng-utilize-compat-pcre.patch @@ -0,0 +1,146 @@ +From e7ace80dbcfd2feecbbc6263ce59ce20acdafca0 Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Sat, 21 Jan 2023 19:31:07 +0100 +Subject: [PATCH 8/9] airodump-ng: utilize compat-pcre + +--- + src/airodump-ng/airodump-ng.c | 80 +++++++++-------------------------- + 1 file changed, 19 insertions(+), 61 deletions(-) + +--- a/src/airodump-ng/airodump-ng.c ++++ b/src/airodump-ng/airodump-ng.c +@@ -68,13 +68,7 @@ + + #include + +-#ifdef HAVE_PCRE2 +-#define PCRE2_CODE_UNIT_WIDTH 8 +-#include +-#elif defined HAVE_PCRE +-#include +-#endif +- ++#include "aircrack-ng/pcre/compat-pcre.h" + #include "aircrack-ng/defs.h" + #include "aircrack-ng/version.h" + #include "aircrack-ng/support/pcap_local.h" +@@ -863,33 +857,22 @@ int is_filtered_essid(const uint8_t * es + ret = 1; + } + +-#ifdef HAVE_PCRE2 ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + if (lopt.f_essid_regex) + { ++#ifdef HAVE_PCRE2 + lopt.f_essid_match_data + = pcre2_match_data_create_from_pattern(lopt.f_essid_regex, NULL); + +- return pcre2_match(lopt.f_essid_regex, +- (PCRE2_SPTR) essid, +- (int) strnlen((char *) essid, ESSID_LENGTH), +- 0, +- 0, +- lopt.f_essid_match_data, +- 0) ++ return COMPAT_PCRE_MATCH(lopt.f_essid_regex, ++ essid, ++ ESSID_LENGTH, ++ lopt.f_essid_match_data) + < 0; +- } + #elif defined HAVE_PCRE +- if (lopt.f_essid_regex) +- { +- return pcre_exec(lopt.f_essid_regex, +- NULL, +- (char *) essid, +- (int) strnlen((char *) essid, ESSID_LENGTH), +- 0, +- 0, +- NULL, +- 0) ++ return COMPAT_PCRE_MATCH(lopt.f_essid_regex, essid, ESSID_LENGTH, NULL) + < 0; ++#endif + } + #endif + +@@ -5805,6 +5788,7 @@ int main(int argc, char * argv[]) + int output_format_first_time = 1; + #ifdef HAVE_PCRE2 + int pcreerror; ++ PCRE2_UCHAR pcreerrorbuf[256]; + PCRE2_SIZE pcreerroffset; + #elif defined HAVE_PCRE + const char * pcreerror; +@@ -5962,9 +5946,7 @@ int main(int argc, char * argv[]) + #ifdef CONFIG_LIBNL + lopt.htval = CHANNEL_NO_HT; + #endif +-#ifdef HAVE_PCRE2 +- lopt.f_essid_regex = NULL; +-#elif defined HAVE_PCRE ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + lopt.f_essid_regex = NULL; + #endif + +@@ -6385,7 +6367,7 @@ int main(int argc, char * argv[]) + + case 'R': + +-#ifdef HAVE_PCRE2 ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + if (lopt.f_essid_regex != NULL) + { + printf("Error: ESSID regular expression already given. " +@@ -6393,42 +6375,18 @@ int main(int argc, char * argv[]) + exit(EXIT_FAILURE); + } + +- lopt.f_essid_regex = pcre2_compile((PCRE2_SPTR) optarg, +- PCRE2_ZERO_TERMINATED, +- 0, +- &pcreerror, +- &pcreerroffset, +- NULL); ++ lopt.f_essid_regex ++ = COMPAT_PCRE_COMPILE(optarg, &pcreerror, &pcreerroffset); + + if (lopt.f_essid_regex == NULL) + { +- PCRE2_UCHAR pcreerrbuffer[256]; ++#ifdef HAVE_PCRE2 + pcre2_get_error_message( +- pcreerror, pcreerrbuffer, sizeof(pcreerrbuffer)); +- +- printf("Error: regular expression compilation failed at " +- "offset %lu: %s; aborting\n", +- pcreerroffset, +- pcreerrbuffer); +- exit(EXIT_FAILURE); +- } ++ pcreerror, pcreerrorbuf, sizeof(pcreerrorbuf)); ++ COMPAT_PCRE_PRINT_ERROR(pcreerroffset, pcreerrorbuf); + #elif defined HAVE_PCRE +- if (lopt.f_essid_regex != NULL) +- { +- printf("Error: ESSID regular expression already given. " +- "Aborting\n"); +- exit(EXIT_FAILURE); +- } +- +- lopt.f_essid_regex +- = pcre_compile(optarg, 0, &pcreerror, &pcreerroffset, NULL); +- +- if (lopt.f_essid_regex == NULL) +- { +- printf("Error: regular expression compilation failed at " +- "offset %d: %s; aborting\n", +- pcreerroffset, +- pcreerror); ++ COMPAT_PCRE_PRINT_ERROR(pcreerroffset, pcreerror); ++#endif + exit(EXIT_FAILURE); + } + #else diff --git a/net/aircrack-ng/patches/100-09-besside-ng-utilize-compat-pcre.patch b/net/aircrack-ng/patches/100-09-besside-ng-utilize-compat-pcre.patch new file mode 100644 index 0000000000..532521e37f --- /dev/null +++ b/net/aircrack-ng/patches/100-09-besside-ng-utilize-compat-pcre.patch @@ -0,0 +1,165 @@ +From d7eb251f945524b419e8c90dd54c640d9922e5d5 Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Sat, 21 Jan 2023 19:31:31 +0100 +Subject: [PATCH 9/9] besside-ng: utilize compat-pcre + +--- + src/besside-ng/besside-ng.c | 94 ++++++++----------------------------- + 1 file changed, 20 insertions(+), 74 deletions(-) + +--- a/src/besside-ng/besside-ng.c ++++ b/src/besside-ng/besside-ng.c +@@ -57,13 +57,7 @@ + #include + #include + +-#ifdef HAVE_PCRE2 +-#define PCRE2_CODE_UNIT_WIDTH 8 +-#include +-#elif defined HAVE_PCRE +-#include +-#endif +- ++#include "aircrack-ng/pcre/compat-pcre.h" + #include "aircrack-ng/defs.h" + #include "aircrack-ng/aircrack-ng.h" + #include "aircrack-ng/version.h" +@@ -1122,7 +1116,7 @@ static void attack_ping(void * a) + timer_in(100 * 1000, attack_ping, n); + } + +-#ifdef HAVE_PCRE2 ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + static int is_filtered_essid(char * essid) + { + REQUIRE(essid != NULL); +@@ -1131,39 +1125,20 @@ static int is_filtered_essid(char * essi + + if (_conf.cf_essid_regex) + { ++#ifdef HAVE_PCRE2 + _conf.cf_essid_match_data + = pcre2_match_data_create_from_pattern(_conf.cf_essid_regex, NULL); + +- return pcre2_match(_conf.cf_essid_regex, +- (PCRE2_SPTR) essid, +- (int) strnlen((char *) essid, MAX_IE_ELEMENT_SIZE), +- 0, +- 0, +- _conf.cf_essid_match_data, +- 0) ++ return COMPAT_PCRE_MATCH(_conf.cf_essid_regex, ++ essid, ++ MAX_IE_ELEMENT_SIZE, ++ _conf.cf_essid_match_data) + < 0; +- } +- +- return (ret); +-} + #elif defined HAVE_PCRE +-static int is_filtered_essid(char * essid) +-{ +- REQUIRE(essid != NULL); +- +- int ret = 0; +- +- if (_conf.cf_essid_regex) +- { +- return pcre_exec(_conf.cf_essid_regex, +- NULL, +- (char *) essid, +- strnlen((char *) essid, MAX_IE_ELEMENT_SIZE), +- 0, +- 0, +- NULL, +- 0) ++ return COMPAT_PCRE_MATCH( ++ _conf.cf_essid_regex, essid, MAX_IE_ELEMENT_SIZE, NULL) + < 0; ++#endif + } + + return (ret); +@@ -1178,12 +1153,7 @@ static int should_attack(struct network + if (_conf.cf_bssid && memcmp(_conf.cf_bssid, n->n_bssid, 6) != 0) + return (0); + +-#ifdef HAVE_PCRE2 +- if (is_filtered_essid(n->n_ssid)) +- { +- return (0); +- } +-#elif defined HAVE_PCRE ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + if (is_filtered_essid(n->n_ssid)) + { + return (0); +@@ -3338,6 +3308,7 @@ int main(int argc, char * argv[]) + int ch, temp; + #ifdef HAVE_PCRE2 + int pcreerror; ++ PCRE2_UCHAR pcreerrorbuf[256]; + PCRE2_SIZE pcreerroffset; + #elif defined HAVE_PCRE + const char * pcreerror; +@@ -3393,7 +3364,7 @@ int main(int argc, char * argv[]) + break; + + case 'R': +-#ifdef HAVE_PCRE2 ++#if defined HAVE_PCRE2 || defined HAVE_PCRE + if (_conf.cf_essid_regex != NULL) + { + printf("Error: ESSID regular expression already given. " +@@ -3401,43 +3372,18 @@ int main(int argc, char * argv[]) + exit(EXIT_FAILURE); + } + +- _conf.cf_essid_regex = pcre2_compile((PCRE2_SPTR) optarg, +- PCRE2_ZERO_TERMINATED, +- 0, +- &pcreerror, +- &pcreerroffset, +- NULL); ++ _conf.cf_essid_regex ++ = COMPAT_PCRE_COMPILE(optarg, &pcreerror, &pcreerroffset); + + if (_conf.cf_essid_regex == NULL) + { +- PCRE2_UCHAR pcreerrbuffer[256]; ++#ifdef HAVE_PCRE2 + pcre2_get_error_message( +- pcreerror, pcreerrbuffer, sizeof(pcreerrbuffer)); +- +- printf("Error: regular expression compilation failed at " +- "offset %lu: %s; aborting\n", +- pcreerroffset, +- pcreerrbuffer); +- exit(EXIT_FAILURE); +- } +- break; ++ pcreerror, pcreerrorbuf, sizeof(pcreerrorbuf)); ++ COMPAT_PCRE_PRINT_ERROR(pcreerroffset, pcreerrorbuf); + #elif defined HAVE_PCRE +- if (_conf.cf_essid_regex != NULL) +- { +- printf("Error: ESSID regular expression already given. " +- "Aborting\n"); +- exit(EXIT_FAILURE); +- } +- +- _conf.cf_essid_regex +- = pcre_compile(optarg, 0, &pcreerror, &pcreerroffset, NULL); +- +- if (_conf.cf_essid_regex == NULL) +- { +- printf("Error: regular expression compilation failed at " +- "offset %d: %s; aborting\n", +- pcreerroffset, +- pcreerror); ++ COMPAT_PCRE_PRINT_ERROR(pcreerroffset, pcreerror); ++#endif + exit(EXIT_FAILURE); + } + break; diff --git a/net/aircrack-ng/patches/101-02-src-makefile-add-PCRE2_CFLAGS-to-airodump-and-bessid.patch b/net/aircrack-ng/patches/101-02-src-makefile-add-PCRE2_CFLAGS-to-airodump-and-bessid.patch new file mode 100644 index 0000000000..c6338f5627 --- /dev/null +++ b/net/aircrack-ng/patches/101-02-src-makefile-add-PCRE2_CFLAGS-to-airodump-and-bessid.patch @@ -0,0 +1,29 @@ +From 8c6a4f171b7d97a294590fab9dc2069b149b9b36 Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Mon, 23 Jan 2023 10:42:39 +0100 +Subject: [PATCH 2/6] src/makefile: add PCRE2_CFLAGS to airodump and besside + +--- + src/Makefile.inc | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/src/Makefile.inc ++++ b/src/Makefile.inc +@@ -128,7 +128,7 @@ aireplay_ng_CFLAGS = $(COMMON_CFLAGS) $( + aireplay_ng_LDADD = $(COMMON_LDADD) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) + + airodump_ng_SOURCES = $(SRC_ADU) $(SRC_DWRITE) +-airodump_ng_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(LIBNL_CFLAGS) ++airodump_ng_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(PCRE2_CFLAGS) $(LIBNL_CFLAGS) + airodump_ng_CPPFLAGS = $(AM_CPPFLAGS) -I$(abs_srcdir)/src/airodump-ng + airodump_ng_LDADD = $(COMMON_LDADD) $(PCRE_LIBS) $(PCRE2_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(LIBAIRCRACK_CE_WEP_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) + +@@ -163,7 +163,7 @@ buddy_ng_CPPFLAGS = $(AM_CPPFLAGS) -I$(a + buddy_ng_LDADD = $(COMMON_LDADD) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) + + besside_ng_SOURCES = $(SRC_BS) +-besside_ng_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(LIBNL_CFLAGS) ++besside_ng_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(PCRE2_CFLAGS) $(LIBNL_CFLAGS) + besside_ng_LDADD = $(COMMON_LDADD) $(PCRE_LIBS) $(PCRE2_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(LIBACCRYPTO_LIBS) $(LIBPTW_LIBS) $(AIRPCAP_LIBS) $(LIBAIRCRACK_LIBS) $(CRYPTO_LIBS) + + besside_ng_crawler_SOURCES = $(SRC_BC) diff --git a/net/aircrack-ng/patches/101-03-lib-makefile-add-PCRE2-to-libaccrypto-and-libaircrac.patch b/net/aircrack-ng/patches/101-03-lib-makefile-add-PCRE2-to-libaccrypto-and-libaircrac.patch new file mode 100644 index 0000000000..803b188435 --- /dev/null +++ b/net/aircrack-ng/patches/101-03-lib-makefile-add-PCRE2-to-libaccrypto-and-libaircrac.patch @@ -0,0 +1,37 @@ +From 0be8f0d7d8e4a09ea5687bcec6690876b4161a0e Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Mon, 23 Jan 2023 10:46:26 +0100 +Subject: [PATCH 3/6] lib/makefile: add PCRE2 to libaccrypto and libaircrack + +--- + lib/Makefile.inc | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/lib/Makefile.inc ++++ b/lib/Makefile.inc +@@ -65,8 +65,8 @@ SRC_CRYPTO += %D%/crypto/sha1-git.c + endif + + libaccrypto_la_SOURCES = $(SRC_CRYPTO) +-libaccrypto_la_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) +-libaccrypto_la_LIBADD = $(PCRE_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(CRYPTO_LDFLAGS) $(CRYPTO_LIBS) ++libaccrypto_la_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(PCRE2_CFLAGS) ++libaccrypto_la_LIBADD = $(PCRE_LIBS) $(PCRE2_LIBS) $(LIBAIRCRACK_OSDEP_LIBS) $(CRYPTO_LDFLAGS) $(CRYPTO_LIBS) + + libcowpatty_la_SOURCES = $(SRC_COW) + libcowpatty_la_CFLAGS = $(COMMON_CFLAGS) $(LIBCOW_CFLAGS) +@@ -121,12 +121,12 @@ SRC_LIBAC += %D%/libac/support/strlcpy.c + endif + + libaircrack_la_SOURCES = $(SRC_LIBAC) $(TRAMPOLINE) $(CPUSET) +-libaircrack_la_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) \ ++libaircrack_la_CFLAGS = $(COMMON_CFLAGS) $(PCRE_CFLAGS) $(PCRE2_CFLAGS) \ + "-DLIBAIRCRACK_CE_WPA_PATH=\"$(LIBAIRCRACK_CE_WPA_PATH)\"" \ + "-DABS_TOP_SRCDIR=\"$(abs_top_srcdir)\"" \ + "-DABS_TOP_BUILDDIR=\"$(abs_top_builddir)\"" \ + "-DLIBDIR=\"$(libdir)\"" +-libaircrack_la_LIBADD = $(COMMON_LDADD) $(LIBAIRCRACK_OSDEP_LIBS) $(PCRE_LIBS) $(CRYPTO_LDFLAGS) $(CRYPTO_LIBS) ++libaircrack_la_LIBADD = $(COMMON_LDADD) $(LIBAIRCRACK_OSDEP_LIBS) $(PCRE_LIBS) $(PCRE2_LIBS) $(CRYPTO_LDFLAGS) $(CRYPTO_LIBS) + + if CYGWIN + libaircrack_la_LIBADD += -lshlwapi diff --git a/net/aircrack-ng/patches/102-autotools-indicate-if-PCRE-or-PCRE2-is-being-used.patch b/net/aircrack-ng/patches/102-autotools-indicate-if-PCRE-or-PCRE2-is-being-used.patch new file mode 100644 index 0000000000..8dc2ce4d88 --- /dev/null +++ b/net/aircrack-ng/patches/102-autotools-indicate-if-PCRE-or-PCRE2-is-being-used.patch @@ -0,0 +1,132 @@ +From b381ef3f6b6cc83a4aa016f4c0aebb58fcffcf3f Mon Sep 17 00:00:00 2001 +From: Andras Gemes +Date: Mon, 23 Jan 2023 16:58:38 +0100 +Subject: [PATCH] autotools: indicate if PCRE or PCRE2 is being used + +--- + build/m4/aircrack_ng_pcre.m4 | 28 ++++++++++++++-- + build/m4/aircrack_ng_pcre2.m4 | 61 ----------------------------------- + configure.ac | 3 +- + 3 files changed, 26 insertions(+), 66 deletions(-) + delete mode 100644 build/m4/aircrack_ng_pcre2.m4 + +--- a/build/m4/aircrack_ng_pcre.m4 ++++ b/build/m4/aircrack_ng_pcre.m4 +@@ -55,7 +55,29 @@ else + PKG_CHECK_MODULES(PCRE, libpcre, HAVE_PCRE=yes, HAVE_PCRE=no) + fi + +-AS_IF([test "x$HAVE_PCRE" = "xyes"], [ ++AC_ARG_ENABLE(static-pcre2, ++ AS_HELP_STRING([--enable-static-pcre2], ++ [Enable statically linked PCRE2 libpcre2-8.]), ++ [static_pcre2=$enableval], [static_pcre2=no]) ++ ++if test "x$static_pcre2" != "xno"; then ++ AC_REQUIRE([AX_EXT_HAVE_STATIC_LIB_DETECT]) ++ AX_EXT_HAVE_STATIC_LIB(PCRE2, ${DEFAULT_STATIC_LIB_SEARCH_PATHS}, pcre2 libpcre2-8, pcre2_version) ++ if test "x$PCRE2_FOUND" = xyes; then ++ HAVE_PCRE2=yes ++ else ++ HAVE_PCRE2=no ++ fi ++else ++ PKG_CHECK_MODULES(PCRE2, libpcre2-8, HAVE_PCRE2=yes, HAVE_PCRE2=no) ++fi ++ ++if test "x$HAVE_PCRE" = "xyes" && test "x$HAVE_PCRE2" = "xyes"; then ++ AC_DEFINE([HAVE_PCRE2], [1], [Define this if you have libpcre2-8 on your system]) ++ PCRE2_NOTE="(Pcre and Pcre2 found, using Pcre2)" ++elif test "x$HAVE_PCRE" = "xyes"; then + AC_DEFINE([HAVE_PCRE], [1], [Define this if you have libpcre on your system]) +-]) +-]) ++elif test "x$HAVE_PCRE2" = "xyes"; then ++ AC_DEFINE([HAVE_PCRE2], [1], [Define this if you have libpcre2-8 on your system]) ++fi ++]) +\ No newline at end of file +--- a/build/m4/aircrack_ng_pcre2.m4 ++++ /dev/null +@@ -1,61 +0,0 @@ +-dnl Aircrack-ng +-dnl +-dnl Copyright (C) 2023 Andras Gemes +-dnl +-dnl Autotool support was written by: Joseph Benden +-dnl +-dnl This program is free software; you can redistribute it and/or modify +-dnl it under the terms of the GNU General Public License as published by +-dnl the Free Software Foundation; either version 2 of the License, or +-dnl (at your option) any later version. +-dnl +-dnl This program is distributed in the hope that it will be useful, +-dnl but WITHOUT ANY WARRANTY; without even the implied warranty of +-dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-dnl GNU General Public License for more details. +-dnl +-dnl You should have received a copy of the GNU General Public License +-dnl along with this program; if not, write to the Free Software +-dnl Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA +-dnl +-dnl In addition, as a special exception, the copyright holders give +-dnl permission to link the code of portions of this program with the +-dnl OpenSSL library under certain conditions as described in each +-dnl individual source file, and distribute linked combinations +-dnl including the two. +-dnl +-dnl You must obey the GNU General Public License in all respects +-dnl for all of the code used other than OpenSSL. +-dnl +-dnl If you modify file(s) with this exception, you may extend this +-dnl exception to your dnl version of the file(s), but you are not obligated +-dnl to do so. +-dnl +-dnl If you dnl do not wish to do so, delete this exception statement from your +-dnl version. +-dnl +-dnl If you delete this exception statement from all source files in the +-dnl program, then also delete it here. +- +-AC_DEFUN([AIRCRACK_NG_PCRE2], [ +-AC_ARG_ENABLE(static-pcre2, +- AS_HELP_STRING([--enable-static-pcre2], +- [Enable statically linked PCRE2 libpcre2-8.]), +- [static_pcre2=$enableval], [static_pcre2=no]) +- +-if test "x$static_pcre2" != "xno"; then +- AC_REQUIRE([AX_EXT_HAVE_STATIC_LIB_DETECT]) +- AX_EXT_HAVE_STATIC_LIB(PCRE2, ${DEFAULT_STATIC_LIB_SEARCH_PATHS}, pcre2 libpcre2-8, pcre2_version) +- if test "x$PCRE2_FOUND" = xyes; then +- HAVE_PCRE2=yes +- else +- HAVE_PCRE2=no +- fi +-else +- PKG_CHECK_MODULES(PCRE2, libpcre2-8, HAVE_PCRE2=yes, HAVE_PCRE2=no) +-fi +- +-AS_IF([test "x$HAVE_PCRE2" = "xyes"], [ +- AC_DEFINE([HAVE_PCRE2], [1], [Define this if you have libpcre2-8 on your system]) +-]) +-]) +\ No newline at end of file +--- a/configure.ac ++++ b/configure.ac +@@ -144,7 +144,6 @@ AIRCRACK_NG_EXT_SCRIPTS + AIRCRACK_NG_HWLOC + AIRCRACK_NG_PCAP + AIRCRACK_NG_PCRE +-AIRCRACK_NG_PCRE2 + AIRCRACK_NG_RFKILL + AIRCRACK_NG_SQLITE + AIRCRACK_NG_ZLIB +@@ -321,7 +320,7 @@ ${PACKAGE} ${VERSION} + Jemalloc: ${JEMALLOC} + Pcap: ${PCAP_FOUND} + Pcre: ${HAVE_PCRE} +- Pcre2: ${HAVE_PCRE2} ++ Pcre2: ${HAVE_PCRE2} ${PCRE2_NOTE} + Sqlite: ${HAVE_SQLITE3} + Tcmalloc: ${TCMALLOC} + Zlib: ${HAVE_ZLIB} diff --git a/net/aircrack-ng/patches/103-autotools-reset-PCRE-CFLAGS-LIBS-with-both-PCRE-and-.patch b/net/aircrack-ng/patches/103-autotools-reset-PCRE-CFLAGS-LIBS-with-both-PCRE-and-.patch new file mode 100644 index 0000000000..677cb321db --- /dev/null +++ b/net/aircrack-ng/patches/103-autotools-reset-PCRE-CFLAGS-LIBS-with-both-PCRE-and-.patch @@ -0,0 +1,39 @@ +From b8d0b8cb6caa6940443b3e6ca32efc78d0c9d00e Mon Sep 17 00:00:00 2001 +From: Christian Marangi +Date: Sun, 1 Oct 2023 00:32:16 +0200 +Subject: [PATCH] autotools: reset PCRE CFLAGS/LIBS with both PCRE and PCRE2 + present + +Commit b381ef3f6b6c ("autotools: indicate if PCRE or PCRE2 is being +used") fixed a case where both pcre and pcre2 library are detected and +put a preference on using pcre2. + +Although the commit fix this corner case, there is still a latent +problem with trying to link/include both library. This is caused by the +fact that in the Makefile.inc for src and lib, we include both +PCRE_CFLAGS and PCRE2_CFLAGS and PCRE_LIBS and PCRE2_LIBS for each +tool/lib. + +To handle this and not bloat the Makefile with additional condition, +simply reset the PCRE_CFLAGS and PCRE_LIBS in case where we detect both +library and we prefer to use pcre2. + +Fixes: b381ef3f6b6c ("autotools: indicate if PCRE or PCRE2 is being used") +Signed-off-by: Christian Marangi +--- + build/m4/aircrack_ng_pcre.m4 | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/build/m4/aircrack_ng_pcre.m4 ++++ b/build/m4/aircrack_ng_pcre.m4 +@@ -75,6 +75,10 @@ fi + if test "x$HAVE_PCRE" = "xyes" && test "x$HAVE_PCRE2" = "xyes"; then + AC_DEFINE([HAVE_PCRE2], [1], [Define this if you have libpcre2-8 on your system]) + PCRE2_NOTE="(Pcre and Pcre2 found, using Pcre2)" ++ # Reset PCRE cflags and libs variables as we include both PCRE and PCRE2 in Makefile.inc ++ # and would result in trying to link/include both library. ++ PCRE_CFLAGS="" ++ PCRE_LIBS="" + elif test "x$HAVE_PCRE" = "xyes"; then + AC_DEFINE([HAVE_PCRE], [1], [Define this if you have libpcre on your system]) + elif test "x$HAVE_PCRE2" = "xyes"; then From 401d2428ac24abcd90dcaa7bf5bc32ef33e6769b Mon Sep 17 00:00:00 2001 From: "S. Brusch" Date: Mon, 2 Oct 2023 17:30:48 +0200 Subject: [PATCH 05/54] crowdsec-firewall-bouncer: new upstream release version 0.0.28 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: S. Brusch Maintainer: Kerma Gérald Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.0-rc3 Description: Update crowdsec-firewall-bouncer to latest upstream release version 0.0.28 --- net/crowdsec-firewall-bouncer/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/crowdsec-firewall-bouncer/Makefile b/net/crowdsec-firewall-bouncer/Makefile index 82eb69974f..ee8c732233 100644 --- a/net/crowdsec-firewall-bouncer/Makefile +++ b/net/crowdsec-firewall-bouncer/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=crowdsec-firewall-bouncer -PKG_VERSION:=0.0.27 +PKG_VERSION:=0.0.28 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/crowdsecurity/cs-firewall-bouncer/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=2516e700c88e46e6aa58100ff6f343257cc1befdb555d6ab9e124f217ec46ca0 +PKG_HASH:=1e0f4d3cd8bc73da21eafc9b965fda0c1c1b0a27a2acc038004602797e4fccf0 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE From f3b8e569a5a619d87da873c3f9f657f77b1656c7 Mon Sep 17 00:00:00 2001 From: Stan Grishin Date: Sun, 1 Oct 2023 23:52:15 +0000 Subject: [PATCH 06/54] adblock-fast: update to 1.0.0-5 * improve processing of dnsmasq config files * do not run sed/show error if allow_filter is empty Signed-off-by: Stan Grishin --- net/adblock-fast/Makefile | 2 +- .../files/etc/init.d/adblock-fast | 29 ++++++++++++------- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/net/adblock-fast/Makefile b/net/adblock-fast/Makefile index 23ec3acad3..bd7ad9845b 100644 --- a/net/adblock-fast/Makefile +++ b/net/adblock-fast/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock-fast PKG_VERSION:=1.0.0 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_MAINTAINER:=Stan Grishin PKG_LICENSE:=GPL-3.0-or-later diff --git a/net/adblock-fast/files/etc/init.d/adblock-fast b/net/adblock-fast/files/etc/init.d/adblock-fast index b0ce905033..f885bd1052 100755 --- a/net/adblock-fast/files/etc/init.d/adblock-fast +++ b/net/adblock-fast/files/etc/init.d/adblock-fast @@ -64,8 +64,9 @@ readonly sharedMemoryError="/dev/shm/$packageName-error" readonly hostsFilter='/localhost/d;/^#/d;/^[^0-9]/d;s/^0\.0\.0\.0.//;s/^127\.0\.0\.1.//;s/[[:space:]]*#.*$//;s/[[:cntrl:]]$//;s/[[:space:]]//g;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;' readonly domainsFilter='/^#/d;s/[[:space:]]*#.*$//;s/[[:space:]]*$//;s/[[:cntrl:]]$//;/[[:space:]]/d;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;' readonly adBlockPlusFilter='/^#/d;/^!/d;s/[[:space:]]*#.*$//;s/^||//;s/\^$//;s/[[:space:]]*$//;s/[[:cntrl:]]$//;/[[:space:]]/d;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;' -readonly dnsmasqFileFilter='\|^server=/[[:alnum:]_.-].*/|!d' -readonly dnsmasq2FileFilter='\|^local=/[[:alnum:]_.-].*/|!d' +readonly dnsmasqFileFilter='\|^server=/[[:alnum:]_.-].*/|!d;s|server=/||;s|/.*$||' +readonly dnsmasq2FileFilter='\|^local=/[[:alnum:]_.-].*/|!d;s|local=/||;s|/.*$||' +readonly dnsmasq3FileFilter='\|^address=/[[:alnum:]_.-].*/|!d;s|address=/||;s|/.*$||' readonly _OK_='\033[0;32m\xe2\x9c\x93\033[0m' readonly _FAIL_='\033[0;31m\xe2\x9c\x97\033[0m' readonly __OK__='\033[0;32m[\xe2\x9c\x93]\033[0m' @@ -279,6 +280,8 @@ append_url() { echo 'dnsmasq' elif grep -q '^local=' "$file"; then echo 'dnsmasq2' + elif grep -q '^address=' "$file"; then + echo 'dnsmasq3' elif grep -q '^0.0.0.0' "$file" || grep -q '^127.0.0.1' "$file"; then echo 'hosts' elif [ -n "$(sed "$domainsFilter" "$file" | head -1)" ]; then @@ -868,6 +871,7 @@ process_file_url() { adblockplus) filter="$adBlockPlusFilter";; dnsmasq) filter="$dnsmasqFileFilter";; dnsmasq2) filter="$dnsmasq2FileFilter";; + dnsmasq3) filter="$dnsmasq3FileFilter";; domains) filter="$domainsFilter";; hosts) filter="$hostsFilter";; *) @@ -878,7 +882,9 @@ process_file_url() { return 0 ;; esac - sed -i "$filter" "$R_TMP" + if [ -n "$filter" ] && [ "$action" != 'file' ]; then + sed -i "$filter" "$R_TMP" + fi if [ ! -s "$R_TMP" ]; then output 1 "$_FAIL_" output 2 "[DL] $type $label ($format) $__FAIL__\\n" @@ -1038,15 +1044,16 @@ $(cat $A_TMP)" mv "$A_TMP" "$B_TMP" fi - output 2 'Allowing domains ' - json set message "$(get_text "statusProcessing"): allowing domains" - if sed -i -E "$allow_filter" "$B_TMP"; then - output_ok - else - output_failn - json add error "errorAllowListProcessing" + if [ -n "$allow_filter" ]; then + output 2 'Allowing domains ' + json set message "$(get_text "statusProcessing"): allowing domains" + if sed -i -E "$allow_filter" "$B_TMP"; then + output_ok + else + output_failn + json add error "errorAllowListProcessing" + fi fi - output 2 'Formatting merged file ' json set message "$(get_text "statusProcessing"): formatting merged file" if [ -z "$outputFilterIPv6" ]; then From 06504d9dd29016361e5d4265cf0069092ac5274f Mon Sep 17 00:00:00 2001 From: Fabian Lipken Date: Tue, 3 Oct 2023 11:46:08 +0200 Subject: [PATCH 07/54] irssi: update to 1.4.5 Signed-off-by: Fabian Lipken --- net/irssi/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/irssi/Makefile b/net/irssi/Makefile index 85a136bf0c..6047ec4800 100644 --- a/net/irssi/Makefile +++ b/net/irssi/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=irssi -PKG_VERSION:=1.4.4 +PKG_VERSION:=1.4.5 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/irssi/irssi/releases/download/$(PKG_VERSION)/ -PKG_HASH:=fefe9ec8c7b1475449945c934a2360ab12693454892be47a6d288c63eb107ead +PKG_HASH:=72a951cb0ad622785a8962801f005a3a412736c7e7e3ce152f176287c52fe062 PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=COPYING From b46ff1fd8a877afc0f36cf7df5b9aae9d15fdb95 Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Mon, 2 Oct 2023 21:30:26 +0800 Subject: [PATCH 08/54] yq: Update to 4.35.2 Signed-off-by: Tianling Shen --- utils/yq/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/yq/Makefile b/utils/yq/Makefile index 6005810505..6400b4807a 100644 --- a/utils/yq/Makefile +++ b/utils/yq/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yq -PKG_VERSION:=4.35.1 +PKG_VERSION:=4.35.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/mikefarah/yq/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=b3e079169529ec6b42925d0802c22d86f1ef6e1458dce67eae5a1d6db56cb8c3 +PKG_HASH:=8b17d710c56f764e9beff06d7a7b1c77d87c4ba4219ce4ce67e7ee29670f4f13 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=MIT From dd5af62695e2c0fcf421adfffbea92f37d1a652d Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Tue, 3 Oct 2023 22:26:02 +0800 Subject: [PATCH 09/54] python-cffi: Update to 1.16.0 This includes a patch to unpin the version of setuptools required for build; the required version is newer than the version bundled with Python 3.11. This patch should not be necessary when Python 3.12 is available. Signed-off-by: Jeffery To --- lang/python/python-cffi/Makefile | 5 +++-- .../python-cffi/patches/001-unpin-setuptools.patch | 10 ++++++++++ lang/python/python-cffi/test.sh | 8 ++++++++ 3 files changed, 21 insertions(+), 2 deletions(-) create mode 100644 lang/python/python-cffi/patches/001-unpin-setuptools.patch create mode 100644 lang/python/python-cffi/test.sh diff --git a/lang/python/python-cffi/Makefile b/lang/python/python-cffi/Makefile index b14ef8099e..74020d159c 100644 --- a/lang/python/python-cffi/Makefile +++ b/lang/python/python-cffi/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-cffi -PKG_VERSION:=1.15.1 +PKG_VERSION:=1.16.0 PKG_RELEASE:=1 PYPI_NAME:=cffi -PKG_HASH:=d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9 +PKG_HASH:=bcb3ef43e58665bbda2fb198698fcae6776483e0c4a631aa5647806c25e02cc0 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE @@ -40,6 +40,7 @@ define Package/python3-cffi DEPENDS:= \ +libffi \ +python3-light \ + +python3-ctypes \ +python3-pycparser endef diff --git a/lang/python/python-cffi/patches/001-unpin-setuptools.patch b/lang/python/python-cffi/patches/001-unpin-setuptools.patch new file mode 100644 index 0000000000..bf2774f543 --- /dev/null +++ b/lang/python/python-cffi/patches/001-unpin-setuptools.patch @@ -0,0 +1,10 @@ +--- a/pyproject.toml ++++ b/pyproject.toml +@@ -2,6 +2,6 @@ + requires = [ + # first version that supports Python 3.12; older versions may work + # with previous Python versions, but are not tested +- "setuptools >= 66.1" ++ "setuptools" + ] + build-backend = "setuptools.build_meta" diff --git a/lang/python/python-cffi/test.sh b/lang/python/python-cffi/test.sh new file mode 100644 index 0000000000..48ea3adb7e --- /dev/null +++ b/lang/python/python-cffi/test.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +[ "$1" = python3-cffi ] || exit 0 + +python3 - << EOF +from cffi import FFI +ffibuilder = FFI() +EOF From 85540346fef07abf5df1a2d3558b341e7afb60d8 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Tue, 3 Oct 2023 22:54:02 +0800 Subject: [PATCH 10/54] python-charset-normalizer: Update to 3.3.0 Signed-off-by: Jeffery To --- lang/python/python-charset-normalizer/Makefile | 4 ++-- lang/python/python-charset-normalizer/test.sh | 12 ++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 lang/python/python-charset-normalizer/test.sh diff --git a/lang/python/python-charset-normalizer/Makefile b/lang/python/python-charset-normalizer/Makefile index 7a2e4ee076..6e88357d22 100644 --- a/lang/python/python-charset-normalizer/Makefile +++ b/lang/python/python-charset-normalizer/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-charset-normalizer -PKG_VERSION:=3.2.0 +PKG_VERSION:=3.3.0 PKG_RELEASE:=1 PYPI_NAME:=charset-normalizer -PKG_HASH:=3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace +PKG_HASH:=63563193aec44bce707e0c5ca64ff69fa72ed7cf34ce6e11d5127555756fd2f6 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE diff --git a/lang/python/python-charset-normalizer/test.sh b/lang/python/python-charset-normalizer/test.sh new file mode 100644 index 0000000000..b1b2f79968 --- /dev/null +++ b/lang/python/python-charset-normalizer/test.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +[ "$1" = python3-charset-normalizer ] || exit 0 + +python3 - << EOF +import sys +from charset_normalizer import from_bytes +s = 'Bсеки човек има право на образование.' +byte_str = s.encode('cp1251') +result = from_bytes(byte_str).best() +sys.exit(0 if str(result) == s else 1) +EOF From 3e0dccdea16dd4d148c401aa10e70c9a1816c010 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Mon, 2 Oct 2023 15:03:01 +0200 Subject: [PATCH 11/54] php8: update to 8.2.11 Signed-off-by: Michael Heimpold --- lang/php8/Makefile | 4 ++-- lang/php8/patches/0025-php-5.4.9-fixheader.patch | 2 +- lang/php8/patches/1004-disable-phar-command.patch | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lang/php8/Makefile b/lang/php8/Makefile index f1977ee488..56e77c7ca9 100644 --- a/lang/php8/Makefile +++ b/lang/php8/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=8.2.10 +PKG_VERSION:=8.2.11 PKG_RELEASE:=1 PKG_MAINTAINER:=Michael Heimpold @@ -16,7 +16,7 @@ PKG_CPE_ID:=cpe:/a:php:php PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_HASH:=561dc4acd5386e47f25be76f2c8df6ae854756469159248313bcf276e282fbb3 +PKG_HASH:=29af82e4f7509831490552918aad502697453f0869a579ee1b80b08f9112c5b8 PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 diff --git a/lang/php8/patches/0025-php-5.4.9-fixheader.patch b/lang/php8/patches/0025-php-5.4.9-fixheader.patch index 2929c22220..0268f37188 100644 --- a/lang/php8/patches/0025-php-5.4.9-fixheader.patch +++ b/lang/php8/patches/0025-php-5.4.9-fixheader.patch @@ -9,7 +9,7 @@ Make generated php_config.h constant across rebuilds. --- a/configure.ac +++ b/configure.ac -@@ -1455,7 +1455,7 @@ PHP_REMOVE_USR_LIB(LDFLAGS) +@@ -1451,7 +1451,7 @@ PHP_REMOVE_USR_LIB(LDFLAGS) EXTRA_LDFLAGS="$EXTRA_LDFLAGS $PHP_LDFLAGS" EXTRA_LDFLAGS_PROGRAM="$EXTRA_LDFLAGS_PROGRAM $PHP_LDFLAGS" diff --git a/lang/php8/patches/1004-disable-phar-command.patch b/lang/php8/patches/1004-disable-phar-command.patch index f6b3a10e39..2f24f968da 100644 --- a/lang/php8/patches/1004-disable-phar-command.patch +++ b/lang/php8/patches/1004-disable-phar-command.patch @@ -11,7 +11,7 @@ --- a/configure.ac +++ b/configure.ac -@@ -1638,13 +1638,13 @@ CFLAGS_CLEAN="$CFLAGS \$(PROF_FLAGS)" +@@ -1634,13 +1634,13 @@ CFLAGS_CLEAN="$CFLAGS \$(PROF_FLAGS)" CFLAGS="\$(CFLAGS_CLEAN) $standard_libtool_flag" CXXFLAGS="$CXXFLAGS $standard_libtool_flag \$(PROF_FLAGS)" From 51a7d7850d3bebdc39fcfcabc13975cdda588839 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Tue, 3 Oct 2023 20:37:33 +0200 Subject: [PATCH 12/54] mmc-utils: update to latest upstream revision This also requires updating our patch for fortify-ing. We now also pass the version as define during compilation. Signed-off-by: Michael Heimpold --- utils/mmc-utils/Makefile | 9 +++++---- .../0000-properly-set-fortify-source-in-makefile.patch | 9 +++++---- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/utils/mmc-utils/Makefile b/utils/mmc-utils/Makefile index eeb35777de..4243d08955 100644 --- a/utils/mmc-utils/Makefile +++ b/utils/mmc-utils/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://git.kernel.org/pub/scm/utils/mmc/mmc-utils.git -PKG_SOURCE_DATE:=2023-01-16 -PKG_SOURCE_VERSION:=d4c2910981ff99b983734426dfa99632fb81ac6b -PKG_MIRROR_HASH:=b124409d3482db1e63822a7860b7e4a0dfe6c3545da967283979fe805a287893 +PKG_SOURCE_DATE:=2023-09-26 +PKG_SOURCE_VERSION:=80271e9a6fd0db9cb3a85d024664da886e94315c +PKG_MIRROR_HASH:=317cacbacfbc8a9d4afb978e4c5a601cf489a514604534168971dd20311d9d12 PKG_LICENSE:=GPL-2.0-only PKG_LICENSE_FILES:= @@ -40,7 +40,8 @@ endef define Build/Compile $(MAKE) -C $(PKG_BUILD_DIR) \ - $(TARGET_CONFIGURE_OPTS) CFLAGS="$(TARGET_CFLAGS) -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" \ + $(TARGET_CONFIGURE_OPTS) CFLAGS="$(TARGET_CFLAGS) -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 \ + -UVERSION -DVERSION=\\\"$(shell echo $(PKG_SOURCE_VERSION) | cut -c -6)\\\"" \ mmc endef diff --git a/utils/mmc-utils/patches/0000-properly-set-fortify-source-in-makefile.patch b/utils/mmc-utils/patches/0000-properly-set-fortify-source-in-makefile.patch index 1a2081335a..de976ca12f 100644 --- a/utils/mmc-utils/patches/0000-properly-set-fortify-source-in-makefile.patch +++ b/utils/mmc-utils/patches/0000-properly-set-fortify-source-in-makefile.patch @@ -1,9 +1,10 @@ --- a/Makefile +++ b/Makefile -@@ -1,5 +1,5 @@ +@@ -1,6 +1,6 @@ CC ?= gcc --AM_CFLAGS = -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -+AM_CFLAGS = -D_FILE_OFFSET_BITS=64 + GIT_VERSION := "$(shell git describe --abbrev=6 --always --tags)" +-AM_CFLAGS = -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 \ ++AM_CFLAGS = -D_FILE_OFFSET_BITS=64 \ + -DVERSION=\"$(GIT_VERSION)\" CFLAGS ?= -g -O2 objects = \ - mmc.o \ From 00cad2980cc7707f662acb1fa2a51c4e4fc331d9 Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Tue, 3 Oct 2023 21:30:15 +0200 Subject: [PATCH 13/54] banip: release 0.9.1-1 * drop packets silently on input and forwardwan chains or actively reject the traffic, set 'ban_blocktype' accordingly * optimized banIP boot/reload handling * removed pppoe quirk in device detection * small fixes and optimizations Signed-off-by: Dirk Brenken --- net/banip/Makefile | 2 +- net/banip/files/README.md | 6 +- net/banip/files/banip-functions.sh | 141 ++++++++++++++++++----------- net/banip/files/banip-service.sh | 9 +- net/banip/files/banip.init | 18 ++-- net/banip/files/banip.tpl | 4 +- 6 files changed, 110 insertions(+), 70 deletions(-) diff --git a/net/banip/Makefile b/net/banip/Makefile index fbcfd97912..0c9f4460fa 100644 --- a/net/banip/Makefile +++ b/net/banip/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=banip -PKG_VERSION:=0.9.0 +PKG_VERSION:=0.9.1 PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/banip/files/README.md b/net/banip/files/README.md index 0ab0aac285..d65e6e391f 100644 --- a/net/banip/files/README.md +++ b/net/banip/files/README.md @@ -162,9 +162,8 @@ Available commands: | ban_dev | list | - / autodetect | wan device(s), e.g. 'eth2' | | ban_vlanallow | list | - | always allow certain VLAN forwards, e.g. br-lan.20 | | ban_vlanblock | list | - | always block certain VLAN forwards, e.g. br-lan.10 | -| ban_trigger | list | - | logical startup trigger interface(s), e.g. 'wan' | -| ban_triggerdelay | option | 10 | trigger timeout before banIP processing begins | -| ban_triggeraction | option | start | trigger action on ifup events, e.g. start, restart or reload | +| ban_trigger | list | - | logical reload trigger interface(s), e.g. 'wan' | +| ban_triggerdelay | option | 10 | trigger timeout during interface reload and boot | | ban_deduplicate | option | 1 | deduplicate IP addresses across all active Sets | | ban_splitsize | option | 0 | split ext. Sets after every n lines/members (saves RAM) | | ban_cores | option | - / autodetect | limit the cpu cores used by banIP (saves RAM) | @@ -176,6 +175,7 @@ Available commands: | ban_asn | list | - | ASNs for the 'asn' feed, e.g.'32934' | | ban_country | list | - | country iso codes for the 'country' feed, e.g. 'ru' | | ban_blockpolicy | option | - | limit the default block policy to a certain chain, e.g. 'input', 'forwardwan' or 'forwardlan' | +| ban_blocktype | option | drop | 'drop' packets silently on input and forwardwan chains or actively 'reject' the traffic | | ban_blockinput | list | - | limit a feed to the wan-input chain, e.g. 'country' | | ban_blockforwardwan | list | - | limit a feed to the wan-forward chain, e.g. 'debl' | | ban_blockforwardlan | list | - | limit a feed to the lan-forward chain, e.g. 'doh' | diff --git a/net/banip/files/banip-functions.sh b/net/banip/files/banip-functions.sh index 5457536350..c0c4ea9595 100644 --- a/net/banip/files/banip-functions.sh +++ b/net/banip/files/banip-functions.sh @@ -65,6 +65,7 @@ ban_splitsize="0" ban_autodetect="1" ban_feed="" ban_blockpolicy="" +ban_blocktype="drop" ban_blockinput="" ban_blockforwardwan="" ban_blockforwardlan="" @@ -86,7 +87,6 @@ ban_cores="" ban_memory="" ban_packages="" ban_trigger="" -ban_triggerdelay="10" ban_resolver="" ban_enabled="0" ban_debug="0" @@ -283,8 +283,6 @@ f_conf() { } } config_load banip - - [ "${ban_action}" = "boot" ] && [ -z "${ban_trigger}" ] && sleep ${ban_triggerdelay} } # get nft/monitor actuals @@ -421,15 +419,10 @@ f_getdev() { network_flush_cache for iface in ${ban_ifv4} ${ban_ifv6}; do network_get_device dev "${iface}" - if [ -n "${dev}" ]; then - if printf "%s" "${dev}" | "${ban_grepcmd}" -qE "pppoe|6in4"; then - dev="${iface}" - fi - if ! printf " %s " "${ban_dev}" | "${ban_grepcmd}" -q " ${dev} "; then - ban_dev="${ban_dev}${dev} " - uci_add_list banip global ban_dev "${dev}" - f_log "info" "add device '${dev}' to config" - fi + if [ -n "${dev}" ] && ! printf " %s " "${ban_dev}" | "${ban_grepcmd}" -q " ${dev} "; then + ban_dev="${ban_dev}${dev} " + uci_add_list banip global ban_dev "${dev}" + f_log "info" "add device '${dev}' to config" fi done cnt="$((cnt + 1))" @@ -495,13 +488,15 @@ f_getuplink() { f_getfeed() { json_init if [ -s "${ban_customfeedfile}" ]; then - if ! json_load_file "${ban_customfeedfile}" >/dev/null 2>&1; then + if json_load_file "${ban_customfeedfile}" >/dev/null 2>&1; then + return + else f_log "info" "can't load banIP custom feed file" - if ! json_load_file "${ban_feedfile}" >/dev/null 2>&1; then - f_log "err" "can't load banIP feed file" - fi fi - elif ! json_load_file "${ban_feedfile}" >/dev/null 2>&1; then + fi + if [ -s "${ban_feedfile}" ] && json_load_file "${ban_feedfile}" >/dev/null 2>&1; then + return + else f_log "err" "can't load banIP feed file" fi } @@ -526,9 +521,9 @@ f_etag() { etag_id="$(printf "%s" "${http_head}" | "${ban_awkcmd}" 'tolower($0)~/^[[:space:]]*etag: /{gsub("\"","");printf "%s",$2}')" etag_rc="${?}" - if [ "${http_code}" = "404" ] || { [ "${etag_rc}" = "0" ] && [ -n "${etag_id}" ] && "${ban_grepcmd}" -q "^${feed}${feed_suffix}.*${etag_id}\$" "${ban_backupdir}/banIP.etag"; }; then + if [ "${http_code}" = "404" ] || { [ "${etag_rc}" = "0" ] && [ -n "${etag_id}" ] && "${ban_grepcmd}" -q "^${feed}${feed_suffix}[[:space:]]\+${etag_id}\$" "${ban_backupdir}/banIP.etag"; }; then out_rc="0" - elif [ "${etag_rc}" = "0" ] && [ -n "${etag_id}" ] && ! "${ban_grepcmd}" -q "^${feed}${feed_suffix}.*${etag_id}\$" "${ban_backupdir}/banIP.etag"; then + elif [ "${etag_rc}" = "0" ] && [ -n "${etag_id}" ] && ! "${ban_grepcmd}" -q "^${feed}${feed_suffix}[[:space:]]\+${etag_id}\$" "${ban_backupdir}/banIP.etag"; then "${ban_sedcmd}" -i "/^${feed}${feed_suffix}/d" "${ban_backupdir}/banIP.etag" printf "%-20s%s\n" "${feed}${feed_suffix}" "${etag_id}" >>"${ban_backupdir}/banIP.etag" out_rc="2" @@ -559,6 +554,12 @@ f_nftinit() { printf "%s\n" "add chain inet banIP wan-input { type filter hook input priority ${ban_nftpriority}; policy accept; }" printf "%s\n" "add chain inet banIP wan-forward { type filter hook forward priority ${ban_nftpriority}; policy accept; }" printf "%s\n" "add chain inet banIP lan-forward { type filter hook forward priority ${ban_nftpriority}; policy accept; }" + printf "%s\n" "add chain inet banIP reject-chain" + + # default reject rules + # + printf "%s\n" "add rule inet banIP reject-chain meta l4proto tcp reject with tcp reset" + printf "%s\n" "add rule inet banIP reject-chain reject" # default wan-input rules # @@ -581,7 +582,7 @@ f_nftinit() { printf "%s\n" "add rule inet banIP lan-forward ct state established,related counter accept" printf "%s\n" "add rule inet banIP lan-forward oifname != { ${wan_dev} } counter accept" [ -n "${vlan_allow}" ] && printf "%s\n" "add rule inet banIP lan-forward iifname { ${vlan_allow} } counter accept" - [ -n "${vlan_block}" ] && printf "%s\n" "add rule inet banIP lan-forward iifname { ${vlan_block} } counter reject" + [ -n "${vlan_block}" ] && printf "%s\n" "add rule inet banIP lan-forward iifname { ${vlan_block} } counter goto reject-chain" } >"${file}" # load initial banIP table within nft (atomic load) @@ -609,9 +610,9 @@ f_down() { tmp_nft="${ban_tmpfile}.${feed}.nft" tmp_allow="${ban_tmpfile}.${feed%v*}" - [ "${ban_loginput}" = "1" ] && log_input="log level ${ban_nftloglevel} prefix \"banIP/inp-wan/drp/${feed}: \"" - [ "${ban_logforwardwan}" = "1" ] && log_forwardwan="log level ${ban_nftloglevel} prefix \"banIP/fwd-wan/drp/${feed}: \"" - [ "${ban_logforwardlan}" = "1" ] && log_forwardlan="log level ${ban_nftloglevel} prefix \"banIP/fwd-lan/rej/${feed}: \"" + [ "${ban_loginput}" = "1" ] && log_input="log level ${ban_nftloglevel} prefix \"banIP/inp-wan/${ban_blocktype}/${feed}: \"" + [ "${ban_logforwardwan}" = "1" ] && log_forwardwan="log level ${ban_nftloglevel} prefix \"banIP/fwd-wan/${ban_blocktype}/${feed}: \"" + [ "${ban_logforwardlan}" = "1" ] && log_forwardlan="log level ${ban_nftloglevel} prefix \"banIP/fwd-lan/reject/${feed}: \"" # set feed block direction # @@ -724,21 +725,29 @@ f_down() { printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" if [ -z "${feed_direction##*input*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then - printf "%s\n" "add rule inet banIP wan-input ip saddr != @${feed} ${log_input} counter drop" + if [ "${ban_blocktype}" = "reject" ]; then + printf "%s\n" "add rule inet banIP wan-input ip saddr != @${feed} ${log_input} counter goto reject-chain" + else + printf "%s\n" "add rule inet banIP wan-input ip saddr != @${feed} ${log_input} counter drop" + fi else printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} counter accept" fi fi if [ -z "${feed_direction##*forwardwan*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then - printf "%s\n" "add rule inet banIP wan-forward ip saddr != @${feed} ${log_forwardwan} counter drop" + if [ "${ban_blocktype}" = "reject" ]; then + printf "%s\n" "add rule inet banIP wan-forward ip saddr != @${feed} ${log_forwardwan} counter goto reject-chain" + else + printf "%s\n" "add rule inet banIP wan-forward ip saddr != @${feed} ${log_forwardwan} counter drop" + fi else printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} counter accept" fi fi if [ -z "${feed_direction##*forwardlan*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then - printf "%s\n" "add rule inet banIP lan-forward ip daddr != @${feed} ${log_forwardlan} counter reject with icmp type admin-prohibited" + printf "%s\n" "add rule inet banIP lan-forward ip daddr != @${feed} ${log_forwardlan} counter goto reject-chain" else printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} counter accept" fi @@ -749,21 +758,29 @@ f_down() { printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" if [ -z "${feed_direction##*input*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then - printf "%s\n" "add rule inet banIP wan-input ip6 saddr != @${feed} ${log_input} counter drop" + if [ "${ban_blocktype}" = "reject" ]; then + printf "%s\n" "add rule inet banIP wan-input ip6 saddr != @${feed} ${log_input} counter goto reject-chain" + else + printf "%s\n" "add rule inet banIP wan-input ip6 saddr != @${feed} ${log_input} counter drop" + fi else printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} counter accept" fi fi if [ -z "${feed_direction##*forwardwan*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then - printf "%s\n" "add rule inet banIP wan-forward ip6 saddr != @${feed} ${log_forwardwan} counter drop" + if [ "${ban_blocktype}" = "reject" ]; then + printf "%s\n" "add rule inet banIP wan-forward ip6 saddr != @${feed} ${log_forwardwan} counter goto reject-chain" + else + printf "%s\n" "add rule inet banIP wan-forward ip6 saddr != @${feed} ${log_forwardwan} counter drop" + fi else printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} counter accept" fi fi if [ -z "${feed_direction##*forwardlan*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then - printf "%s\n" "add rule inet banIP lan-forward ip6 daddr != @${feed} ${log_forwardlan} counter reject with icmpv6 type admin-prohibited" + printf "%s\n" "add rule inet banIP lan-forward ip6 daddr != @${feed} ${log_forwardlan} counter goto reject-chain" else printf "%s\n" "add rule inet banIP lan-forward ip6 daddr @${feed} counter accept" fi @@ -778,11 +795,11 @@ f_down() { if [ "${proto}" = "4MAC" ]; then "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}(\/([0-9]|[1-3][0-9]|4[0-8]))?([[:space:]]+([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?[[:space:]]*$|[[:space:]]+$|$)/{if(!$2)$2="0.0.0.0/0";if(!seen[$1]++)printf "%s . %s, ",tolower($1),$2}' "${ban_blocklist}" >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ether_addr . ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip saddr @${feed} counter reject" + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip saddr @${feed} counter goto reject-chain" elif [ "${proto}" = "6MAC" ]; then "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}(\/([0-9]|[1-3][0-9]|4[0-8]))?([[:space:]]+([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?[[:space:]]*$|[[:space:]]+$|$)/{if(!$2)$2="::/0";if(!seen[$1]++)printf "%s . %s, ",tolower($1),$2}' "${ban_blocklist}" >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ether_addr . ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip6 saddr @${feed} counter reject" + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip6 saddr @${feed} counter goto reject-chain" elif [ "${proto}" = "4" ]; then if [ "${ban_deduplicate}" = "1" ]; then "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]].*|$)/{printf "%s,\n",$1}' "${ban_blocklist}" >"${tmp_raw}" @@ -794,9 +811,14 @@ f_down() { fi "${ban_awkcmd}" '{ORS=" ";print}' "${tmp_split}" 2>/dev/null >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval, timeout; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" - [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter drop" - [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter drop" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} ${log_forwardlan} counter reject with icmp type admin-prohibited" + if [ "${ban_blocktype}" = "reject" ]; then + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter goto reject-chain" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter goto reject-chain" + else + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter drop" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter drop" + fi + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} ${log_forwardlan} counter goto reject-chain" elif [ "${proto}" = "6" ]; then if [ "${ban_deduplicate}" = "1" ]; then "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}.*/{printf "%s\n",$1}' "${ban_blocklist}" | @@ -810,9 +832,14 @@ f_down() { fi "${ban_awkcmd}" '{ORS=" ";print}' "${tmp_split}" 2>/dev/null >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval, timeout; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" - [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter drop" - [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter drop" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip6 daddr @${feed} ${log_forwardlan} counter reject with icmpv6 type admin-prohibited" + if [ "${ban_blocktype}" = "reject" ]; then + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter goto reject-chain" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter goto reject-chain" + else + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter drop" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter drop" + fi + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip6 daddr @${feed} ${log_forwardlan} counter goto reject-chain" fi } >"${tmp_nft}" feed_rc="0" @@ -907,9 +934,14 @@ f_down() { # input and forward rules # - [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter drop" - [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter drop" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} ${log_forwardlan} counter reject with icmp type admin-prohibited" + if [ "${ban_blocktype}" = "reject" ]; then + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter goto reject-chain" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter goto reject-chain" + else + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter drop" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter drop" + fi + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} ${log_forwardlan} counter goto reject-chain" } >"${tmp_nft}" elif [ "${feed_rc}" = "0" ] && [ "${proto}" = "6" ]; then { @@ -921,9 +953,14 @@ f_down() { # input and forward rules # - [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter drop" - [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter drop" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip6 daddr @${feed} ${log_forwardlan} counter reject with icmpv6 type admin-prohibited" + if [ "${ban_blocktype}" = "reject" ]; then + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter goto reject-chain" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter goto reject-chain" + else + [ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter drop" + [ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter drop" + fi + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip6 daddr @${feed} ${log_forwardlan} counter goto reject-chain" } >"${tmp_nft}" fi fi @@ -1035,18 +1072,18 @@ f_rmset() { # generate status information # f_genstatus() { - local object duration item table_sets cnt_elements="0" custom_feed="0" split="0" status="${1}" + local object end_time duration table_sets cnt_elements="0" custom_feed="0" split="0" status="${1}" [ -z "${ban_dev}" ] && f_conf if [ "${status}" = "active" ]; then - if [ -n "${ban_starttime}" ]; then - ban_endtime="$(date "+%s")" - duration="$(((ban_endtime - ban_starttime) / 60))m $(((ban_endtime - ban_starttime) % 60))s" + if [ -n "${ban_starttime}" ] && [ "${ban_action}" != "boot" ]; then + end_time="$(date "+%s")" + duration="$(((end_time - ban_starttime) / 60))m $(((end_time - ban_starttime) % 60))s" fi table_sets="$("${ban_nftcmd}" -tj list ruleset 2>/dev/null | "${ban_jsoncmd}" -qe '@.nftables[@.set.table="banIP"].set.name')" if [ "${ban_reportelements}" = "1" ]; then - for item in ${table_sets}; do - cnt_elements="$((cnt_elements + $("${ban_nftcmd}" -j list set inet banIP "${item}" 2>/dev/null | "${ban_jsoncmd}" -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)))" + for object in ${table_sets}; do + cnt_elements="$((cnt_elements + $("${ban_nftcmd}" -j list set inet banIP "${object}" 2>/dev/null | "${ban_jsoncmd}" -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)))" done fi runtime="action: ${ban_action:-"-"}, fetch: ${ban_fetchcmd##*/}, duration: ${duration:-"-"}, date: $(date "+%Y-%m-%d %H:%M:%S")" @@ -1437,13 +1474,11 @@ f_monitor() { local nft_expiry line proto ip log_raw log_count rdap_log rdap_rc rdap_elements rdap_info if [ -x "${ban_logreadcmd}" ] && [ -n "${ban_logterm%%??}" ] && [ "${ban_loglimit}" != "0" ]; then - f_log "info" "start detached banIP log service" [ -n "${ban_nftexpiry}" ] && nft_expiry="timeout $(printf "%s" "${ban_nftexpiry}" | "${ban_grepcmd}" -oE "([0-9]+[d|h|m|s])+$")" - "${ban_logreadcmd}" -fe "${ban_logterm%%??}" 2>/dev/null | while read -r line; do - : >"{ban_rdapfile}" + : >"${ban_rdapfile}" proto="" ip="$(printf "%s" "${line}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}[0-9]{1,3})+"}{if(!seen[RT]++)printf "%s ",RT}')" ip="$(f_trim "${ip}")" @@ -1455,7 +1490,7 @@ f_monitor() { ip="${ip##* }" [ -n "${ip}" ] && proto="v6" fi - if [ -n "${proto}" ] && ! "${ban_nftcmd}" get element inet banIP blocklist"${proto}" "{ ${ip} }" >/dev/null 2>&1; then + if [ -n "${proto}" ] && ! "${ban_nftcmd}" get element inet banIP blocklist"${proto}" "{ ${ip} }" >/dev/null 2>&1 && ! "${ban_grepcmd}" -q "^${ip}" "${ban_allowlist}"; then f_log "info" "suspicious IP '${ip}'" log_raw="$("${ban_logreadcmd}" -l "${ban_loglimit}" 2>/dev/null)" log_count="$(printf "%s\n" "${log_raw}" | "${ban_grepcmd}" -c "suspicious IP '${ip}'")" diff --git a/net/banip/files/banip-service.sh b/net/banip/files/banip-service.sh index 47abf43cac..67b45bff55 100755 --- a/net/banip/files/banip-service.sh +++ b/net/banip/files/banip-service.sh @@ -13,6 +13,7 @@ ban_funlib="/usr/lib/banip-functions.sh" # load config and set banIP environment # +[ "${ban_action}" = "boot" ] && sleep "$(uci_get banip global ban_triggerdelay "10")" f_conf f_log "info" "start banIP processing (${ban_action})" f_log "debug" "f_system ::: system: ${ban_sysver:-"n/a"}, version: ${ban_ver:-"n/a"}, memory: ${ban_memory:-"0"}, cpu_cores: ${ban_cores}" @@ -56,7 +57,11 @@ fi # handle downloads # f_log "info" "start banIP download processes" -[ "${ban_allowlistonly}" = "1" ] && ban_feed="" || f_getfeed +if [ "${ban_allowlistonly}" = "1" ]; then + ban_feed="" +else + f_getfeed +fi [ "${ban_deduplicate}" = "1" ] && printf "\n" >"${ban_tmpfile}.deduplicate" cnt="1" @@ -146,7 +151,7 @@ wait # if [ "${ban_mailnotification}" = "1" ] && [ -n "${ban_mailreceiver}" ] && [ -x "${ban_mailcmd}" ]; then ( - sleep ${ban_triggerdelay} + sleep 5 f_mail ) & fi diff --git a/net/banip/files/banip.init b/net/banip/files/banip.init index db584e2e27..a934b4a919 100755 --- a/net/banip/files/banip.init +++ b/net/banip/files/banip.init @@ -6,7 +6,7 @@ # (s)hellcheck exceptions # shellcheck disable=all -START=30 +START=95 USE_PROCD=1 extra_command "report" "[text|json|mail] Print banIP related Set statistics" @@ -22,8 +22,8 @@ ban_lock="/var/run/banip.lock" [ "${action}" = "boot" ] && "${ban_init}" running && exit 0 { [ "${action}" = "stop" ] || [ "${action}" = "report" ] || [ "${action}" = "search" ] || [ "${action}" = "survey" ] || [ "${action}" = "lookup" ]; } && ! "${ban_init}" running && exit 0 -[ -d "${ban_lock}" ] && { [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && exit 1 -[ ! -d "${ban_lock}" ] && { [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && mkdir -p "${ban_lock}" +[ -d "${ban_lock}" ] && { [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && exit 1 +[ ! -d "${ban_lock}" ] && { [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && mkdir -p "${ban_lock}" boot() { : >"${ban_pidfile}" @@ -32,7 +32,6 @@ boot() { start_service() { if "${ban_init}" enabled; then - [ "${action}" = "boot" ] && [ -n "$(uci_get banip global ban_trigger)" ] && return 0 [ -z "$(command -v "f_system")" ] && . "${ban_funlib}" f_rmpid procd_open_instance "banip-service" @@ -108,15 +107,16 @@ lookup() { } service_triggers() { - local iface trigger trigger_action delay + local iface trigger delay - trigger="$(uci_get banip global ban_trigger)" - trigger_action="$(uci_get banip global ban_triggeraction "start")" delay="$(uci_get banip global ban_triggerdelay "10")" - PROCD_RELOAD_DELAY=$((delay * 1000)) + trigger="$(uci_get banip global ban_trigger)" + PROCD_RELOAD_DELAY="$((delay * 1000))" for iface in ${trigger}; do - procd_add_interface_trigger "interface.*.up" "${iface}" "${ban_init}" "${trigger_action}" + procd_add_interface_trigger "interface.*.up" "${iface}" "${ban_init}" reload done + + PROCD_RELOAD_DELAY="$((2 * 1000))" procd_add_reload_trigger "banip" } diff --git a/net/banip/files/banip.tpl b/net/banip/files/banip.tpl index df5c7e8a18..18b06faf82 100644 --- a/net/banip/files/banip.tpl +++ b/net/banip/files/banip.tpl @@ -6,9 +6,9 @@ # local banip_info report_info log_info system_info mail_text -banip_info="$(/etc/init.d/banip status 2>/dev/null | awk '{NR=1;max=140;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')" +banip_info="$(/etc/init.d/banip status 2>/dev/null | awk '{NR=1;max=160;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')" report_info="$(cat ${ban_reportdir}/ban_report.txt 2>/dev/null)" -log_info="$("${ban_logreadcmd}" -l 100 -e "banIP/" 2>/dev/null | awk '{NR=1;max=140;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')" +log_info="$("${ban_logreadcmd}" -l 100 -e "banIP/" 2>/dev/null | awk '{NR=1;max=160;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')" system_info="$( strings /etc/banner 2>/dev/null ubus call system board | awk 'BEGIN{FS="[{}\"]"}{if($2=="kernel"||$2=="hostname"||$2=="system"||$2=="model"||$2=="description")printf " + %-12s: %s\n",$2,$4}' From 78bcdd0fd1291a1a02e0d73e43c28e04f36d507d Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Tue, 3 Oct 2023 22:59:58 +0800 Subject: [PATCH 14/54] python-packaging: Update to 23.2 Signed-off-by: Jeffery To --- lang/python/python-packaging/Makefile | 6 +++--- lang/python/python-packaging/test.sh | 11 +++++++++++ 2 files changed, 14 insertions(+), 3 deletions(-) create mode 100644 lang/python/python-packaging/test.sh diff --git a/lang/python/python-packaging/Makefile b/lang/python/python-packaging/Makefile index cb4e0d039b..1bec008bea 100644 --- a/lang/python/python-packaging/Makefile +++ b/lang/python/python-packaging/Makefile @@ -7,11 +7,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-packaging -PKG_VERSION:=23.1 +PKG_VERSION:=23.2 PKG_RELEASE:=1 PYPI_NAME:=packaging -PKG_HASH:=a392980d2b6cffa644431898be54b0045151319d1e7ec34f0cfed48767dd334f +PKG_HASH:=048fb0e9405036518eaaf48a55953c750c11e1a1b68e0dd1a9d62ed0c092cfc5 PKG_MAINTAINER:=Jan Pavlinec , Jeffery To PKG_LICENSE:=Apache-2.0 BSD-2-Clause @@ -32,7 +32,7 @@ define Package/python3-packaging SUBMENU:=Python TITLE:=Core utilities for Python packages URL:=https://github.com/pypa/packaging - DEPENDS:=+python3-light +python3-logging +python3-urllib + DEPENDS:=+python3-light +python3-email +python3-logging +python3-urllib endef define Package/python3-packaging/description diff --git a/lang/python/python-packaging/test.sh b/lang/python/python-packaging/test.sh new file mode 100644 index 0000000000..4fc13bae84 --- /dev/null +++ b/lang/python/python-packaging/test.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +[ "$1" = python3-packaging ] || exit 0 + +python3 - << EOF +import sys +from packaging.version import Version, parse +v1 = parse("1.0a5") +v2 = Version("1.0") +sys.exit(0 if v1 < v2 else 1) +EOF From 63993c5af9ff3dacd88e3b45ba6cde88a9cc1854 Mon Sep 17 00:00:00 2001 From: John Audia Date: Sun, 1 Oct 2023 10:30:44 -0400 Subject: [PATCH 15/54] ncdu: update to 1.19 Upstream bump Build system: x86_64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia --- utils/ncdu/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/ncdu/Makefile b/utils/ncdu/Makefile index 539288671f..5281742c1e 100644 --- a/utils/ncdu/Makefile +++ b/utils/ncdu/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ncdu -PKG_VERSION:=1.18.1 +PKG_VERSION:=1.19 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dev.yorhel.nl/download -PKG_HASH:=7c0fa1eb29d85aaed4ba174164bdbb8f011b5c390d017c57d668fc7231332405 +PKG_HASH:=30363019180cde0752c7fb006c12e154920412f4e1b5dc3090654698496bb17d PKG_MAINTAINER:=Charles E. Lehner PKG_LICENSE:=MIT From 2a4d2e8c9d950de947d45b39391f316f3a352e37 Mon Sep 17 00:00:00 2001 From: Amnon Paz Date: Tue, 26 Sep 2023 23:01:39 +0300 Subject: [PATCH 16/54] lua-openssl: Update to version 0.8.5-1 Signed-off-by: Amnon Paz --- lang/lua-openssl/Makefile | 4 ++-- lang/lua-openssl/patches/010-no-luajit.patch | 12 ++++++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/lang/lua-openssl/Makefile b/lang/lua-openssl/Makefile index 29f70453dd..9595478f6c 100644 --- a/lang/lua-openssl/Makefile +++ b/lang/lua-openssl/Makefile @@ -12,8 +12,8 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/zhaozg/lua-openssl.git -PKG_SOURCE_VERSION:=0.8.2-1 -PKG_MIRROR_HASH:=3a7c8fcd76389970671bc8d07fe7a06225e537850b1ad209dda436fb3b5ea0cb +PKG_SOURCE_VERSION:=0.8.5-1 +PKG_MIRROR_HASH:=d2875aa9b87a80c71d57e2b29c8e882b41aa81f995043e0fbae9a642250ab1c7 PKG_MAINTAINER:=Amnon Paz PKG_LICENSE:=MIT diff --git a/lang/lua-openssl/patches/010-no-luajit.patch b/lang/lua-openssl/patches/010-no-luajit.patch index 502e2ca259..4530cde4e9 100644 --- a/lang/lua-openssl/patches/010-no-luajit.patch +++ b/lang/lua-openssl/patches/010-no-luajit.patch @@ -1,10 +1,14 @@ --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -8,7 +8,6 @@ option(BUILD_SHARED_LUA_OPENSSL "Shared +@@ -8,10 +8,7 @@ option(BUILD_SHARED_LUA_OPENSSL "Shared include(GNUInstallDirs) -find_package(LuaJIT) - if(NOT LUAJIT_FOUND) - find_package(Lua REQUIRED) - endif() +-if(NOT LUAJIT_FOUND) +- find_package(Lua REQUIRED) +-endif() ++find_package(Lua REQUIRED) + find_package(OpenSSL REQUIRED) + + set(CMAKE_THREAD_PREFER_PTHREAD TRUE) From 62f01d7b36ca621f3b9e2e01c78a64e897dbf4e8 Mon Sep 17 00:00:00 2001 From: Jan Kratochvil Date: Tue, 3 Oct 2023 12:46:43 +0800 Subject: [PATCH 17/54] ffmpeg: Add avi muxer Otherwise one cannot produce *.avi containers needed for some H.264 camera codecs. Signed-off-by: Jan Kratochvil --- multimedia/ffmpeg/Config.in | 3 +++ multimedia/ffmpeg/Makefile | 1 + 2 files changed, 4 insertions(+) diff --git a/multimedia/ffmpeg/Config.in b/multimedia/ffmpeg/Config.in index 93cdd67cd2..574ba27830 100644 --- a/multimedia/ffmpeg/Config.in +++ b/multimedia/ffmpeg/Config.in @@ -303,6 +303,9 @@ comment "Muxers" config FFMPEG_CUSTOM_MUXER_ac3 bool "AC3" +config FFMPEG_CUSTOM_MUXER_avi + bool "AVI" + config FFMPEG_CUSTOM_MUXER_h264 bool "H.264 Raw Video" depends on FFMPEG_CUSTOM_PATENTED diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile index cd9c2fff52..af45a494e3 100644 --- a/multimedia/ffmpeg/Makefile +++ b/multimedia/ffmpeg/Makefile @@ -69,6 +69,7 @@ FFMPEG_CUSTOM_DECODERS:= \ FFMPEG_CUSTOM_MUXERS:= \ ac3 \ + avi \ ffm \ h264 \ hevc \ From 2227198d74d3fe1e8ae547a632305b2f6e7434f9 Mon Sep 17 00:00:00 2001 From: Jan Kratochvil Date: Wed, 4 Oct 2023 10:13:20 +0800 Subject: [PATCH 18/54] ffmpeg: bump PKG_RELEASE Suggested by @neheb. Signed-off-by: Jan Kratochvil --- multimedia/ffmpeg/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile index af45a494e3..cd0d383f21 100644 --- a/multimedia/ffmpeg/Makefile +++ b/multimedia/ffmpeg/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ffmpeg PKG_VERSION:=5.1.3 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://ffmpeg.org/releases/ From 54593c0ba9a52ca72c69a1041b11bc9ef558db77 Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Wed, 4 Oct 2023 10:31:50 +0800 Subject: [PATCH 19/54] wget: Update to 1.21.4 Removed upstreamed patches and unneeded autoreconf. Signed-off-by: Tianling Shen --- net/wget/Makefile | 7 +- .../001-upstream-fix-disable-ntlm-1.patch | 25 ------- .../002-upstream-fix-disable-ntlm-2.patch | 65 ------------------- 3 files changed, 3 insertions(+), 94 deletions(-) delete mode 100644 net/wget/patches/001-upstream-fix-disable-ntlm-1.patch delete mode 100644 net/wget/patches/002-upstream-fix-disable-ntlm-2.patch diff --git a/net/wget/Makefile b/net/wget/Makefile index f70c0def72..aa06b4df17 100644 --- a/net/wget/Makefile +++ b/net/wget/Makefile @@ -8,19 +8,18 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wget -PKG_VERSION:=1.21.3 -PKG_RELEASE:=3 +PKG_VERSION:=1.21.4 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@GNU/$(PKG_NAME) -PKG_HASH:=5726bb8bc5ca0f6dc7110f6416e4bb7019e2d2ff5bf93d1ca2ffcc6656f220e5 +PKG_HASH:=81542f5cefb8faacc39bbbc6c82ded80e3e4a88505ae72ea51df27525bcde04c PKG_MAINTAINER:= PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:gnu:wget -PKG_FIXUP:=autoreconf PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 diff --git a/net/wget/patches/001-upstream-fix-disable-ntlm-1.patch b/net/wget/patches/001-upstream-fix-disable-ntlm-1.patch deleted file mode 100644 index 5b3b1a64f8..0000000000 --- a/net/wget/patches/001-upstream-fix-disable-ntlm-1.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 485217d0ff8d0d17ea3815244b2bc2b747451e15 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Sat, 10 Dec 2022 16:43:38 +0100 -Subject: [PATCH] * configure.ac: Allow disabling NTLM if nettle present (Savannah #63431) - ---- - configure.ac | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - ---- a/configure.ac -+++ b/configure.ac -@@ -648,8 +648,11 @@ else - - if test x"$HAVE_NETTLE" = xyes; then - AC_DEFINE([HAVE_NETTLE], [1], [Use libnettle]) -- ENABLE_NTLM=yes -- AC_DEFINE([ENABLE_NTLM], 1, [Define if you want the NTLM authorization support compiled in.]) -+ if test x"$ENABLE_NTLM" != xno -+ then -+ ENABLE_NTLM=yes -+ AC_DEFINE([ENABLE_NTLM], 1, [Define if you want the NTLM authorization support compiled in.]) -+ fi - fi - fi - diff --git a/net/wget/patches/002-upstream-fix-disable-ntlm-2.patch b/net/wget/patches/002-upstream-fix-disable-ntlm-2.patch deleted file mode 100644 index 91fb52aa31..0000000000 --- a/net/wget/patches/002-upstream-fix-disable-ntlm-2.patch +++ /dev/null @@ -1,65 +0,0 @@ -From c69030a904f8ab25b9ca2704c8a6dd03554e9503 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Sun, 11 Dec 2022 13:31:38 +0100 -Subject: [PATCH] * configure.ac: Disable nettle if NTLM is explicitly disabled - ---- - configure.ac | 41 +++++++++++++++++++---------------------- - 1 file changed, 19 insertions(+), 22 deletions(-) - ---- a/configure.ac -+++ b/configure.ac -@@ -622,34 +622,31 @@ AS_IF([test x"$with_ssl" = xopenssl], [ - ]) # endif: --with-ssl == openssl? - - dnl Enable NTLM if requested and if SSL is available. --if test x"$LIBSSL" != x || test "$ac_cv_lib_ssl32_SSL_connect" = yes -+if test x"$ENABLE_NTLM" != xno - then -- if test x"$ENABLE_NTLM" != xno -+ if test x"$LIBSSL" != x || test "$ac_cv_lib_ssl32_SSL_connect" = yes - then - ENABLE_NTLM=yes - AC_DEFINE([ENABLE_NTLM], 1, [Define if you want the NTLM authorization support compiled in.]) -- fi --else -- PKG_CHECK_MODULES([NETTLE], nettle, [ -- HAVE_NETTLE=yes -- LIBS="$NETTLE_LIBS $LIBS" -- CFLAGS="$NETTLE_CFLAGS $CFLAGS" -- ], [ -- AC_CHECK_LIB(nettle, nettle_md4_init, [HAVE_NETTLE=yes], [HAVE_NETTLE=no; AC_MSG_WARN(*** libnettle was not found. You will not be able to use NTLM)]) -- if test x"$HAVE_NETTLE" != xyes; then -- if test x"$ENABLE_NTLM" = xyes; then -- AC_MSG_ERROR([NTLM authorization requested and SSL not enabled; aborting]) -- fi -- else -- AC_SUBST(NETTLE_LIBS, "-lnettle") -+ else -+ PKG_CHECK_MODULES([NETTLE], nettle, [ -+ HAVE_NETTLE=yes - LIBS="$NETTLE_LIBS $LIBS" -- fi -- ]) -+ CFLAGS="$NETTLE_CFLAGS $CFLAGS" -+ ], [ -+ AC_CHECK_LIB(nettle, nettle_md4_init, [HAVE_NETTLE=yes], [HAVE_NETTLE=no; AC_MSG_WARN(*** libnettle was not found. You will not be able to use NTLM)]) -+ if test x"$HAVE_NETTLE" != xyes; then -+ if test x"$ENABLE_NTLM" = xyes; then -+ AC_MSG_ERROR([NTLM authorization requested and SSL not enabled; aborting]) -+ fi -+ else -+ AC_SUBST(NETTLE_LIBS, "-lnettle") -+ LIBS="$NETTLE_LIBS $LIBS" -+ fi -+ ]) - -- if test x"$HAVE_NETTLE" = xyes; then -- AC_DEFINE([HAVE_NETTLE], [1], [Use libnettle]) -- if test x"$ENABLE_NTLM" != xno -- then -+ if test x"$HAVE_NETTLE" = xyes; then -+ AC_DEFINE([HAVE_NETTLE], [1], [Use libnettle]) - ENABLE_NTLM=yes - AC_DEFINE([ENABLE_NTLM], 1, [Define if you want the NTLM authorization support compiled in.]) - fi From 5bfbc5898389c969c03938238db880d6dd3fe81f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 17 Jul 2023 08:48:41 +0200 Subject: [PATCH 20/54] keepalived: update to version 2.2.8 See release-notes: https://www.keepalived.org/release-notes/Release-2.2.8.html Signed-off-by: Florian Eckert --- net/keepalived/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/keepalived/Makefile b/net/keepalived/Makefile index 217b12c13a..9ef1a0349b 100644 --- a/net/keepalived/Makefile +++ b/net/keepalived/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=keepalived -PKG_VERSION:=2.2.7 -PKG_RELEASE:=10 +PKG_VERSION:=2.2.8 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.keepalived.org/software -PKG_HASH:=c61940d874154a560a54627ecf7ef47adebdf832164368d10bf242a4d9b7d49d +PKG_HASH:=85882eb62974f395d4c631be990a41a839594a7e62fbfebcb5649a937a7a1bb6 PKG_CPE_ID:=cpe:/a:keepalived:keepalived PKG_LICENSE:=GPL-2.0-or-later From 5462d06ba86ff728850e621b789556da32d5432e Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Thu, 10 Nov 2022 15:11:04 +0100 Subject: [PATCH 21/54] keepalived: add PING_CHECK to real_server Signed-off-by: Florian Eckert --- net/keepalived/Makefile | 2 +- net/keepalived/files/keepalived.init | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/net/keepalived/Makefile b/net/keepalived/Makefile index 9ef1a0349b..3ca584a371 100644 --- a/net/keepalived/Makefile +++ b/net/keepalived/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=keepalived PKG_VERSION:=2.2.8 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.keepalived.org/software diff --git a/net/keepalived/files/keepalived.init b/net/keepalived/files/keepalived.init index b13f10c40e..77f1e1778f 100644 --- a/net/keepalived/files/keepalived.init +++ b/net/keepalived/files/keepalived.init @@ -502,6 +502,10 @@ real_server() { printf '%breal_server %s %d {\n' "${INDENT_1}" "$ipaddr" "$port" >> "$KEEPALIVED_CONF" printf '%bweight %d\n' "${INDENT_2}" "$weight" >> "$KEEPALIVED_CONF" case "$check" in + PING_CHECK) + printf '%b%s {\n' "${INDENT_2}" "$check" >> "$KEEPALIVED_CONF" + printf '%b}\n' "${INDENT_2}" >> "$KEEPALIVED_CONF" + ;; TCP_CHECK) printf '%b%s {\n' "${INDENT_2}" "$check" >> "$KEEPALIVED_CONF" print_elems_indent "$1" "$INDENT_3" connect_timeout \ From 09f20658d9d7d2b561dae225f1701e1b0eb90737 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Thu, 10 Nov 2022 15:04:11 +0100 Subject: [PATCH 22/54] keepalived: add notify_up and notify_down for virtual server Signed-off-by: Florian Eckert --- net/keepalived/Makefile | 2 +- net/keepalived/files/keepalived.init | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/net/keepalived/Makefile b/net/keepalived/Makefile index 3ca584a371..62f4373f72 100644 --- a/net/keepalived/Makefile +++ b/net/keepalived/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=keepalived PKG_VERSION:=2.2.8 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.keepalived.org/software diff --git a/net/keepalived/files/keepalived.init b/net/keepalived/files/keepalived.init index 77f1e1778f..63beb29833 100644 --- a/net/keepalived/files/keepalived.init +++ b/net/keepalived/files/keepalived.init @@ -88,8 +88,11 @@ print_notify() { shift local name="$1" shift + local indent="$1" + shift + for notify in "$@"; do - printf '%b%s' "${INDENT_1}" "$notify">> "$KEEPALIVED_CONF" + printf '%b%s' "${indent}" "$notify">> "$KEEPALIVED_CONF" notify="$(echo "$notify" | tr 'a-z' 'A-Z')" printf ' "/bin/busybox env -i ACTION=%s TYPE=%s NAME=%s /sbin/hotplug-call keepalived"\n' "$notify" "$type" "$name" >> "$KEEPALIVED_CONF" done @@ -320,7 +323,7 @@ vrrp_sync_group() { print_elems_indent "$1" "$INDENT_1" no_val_smtp_alert no_val_global_tracking - print_notify "GROUP" "$name" notify_backup notify_master \ + print_notify "GROUP" "$name" "$INDENT_1" notify_backup notify_master \ notify_fault notify config_section_close @@ -352,7 +355,7 @@ vrrp_instance() { no_val_dont_track_primary no_val_smtp_alert no_val_nopreempt \ no_val_use_vmac - print_notify "INSTANCE" "$name" notify_backup notify_master \ + print_notify "INSTANCE" "$name" "$INDENT_1" notify_backup notify_master \ notify_fault notify_stop # Handle virtual_ipaddress & virtual_ipaddress_excluded lists @@ -501,6 +504,7 @@ real_server() { [ -n "$ipaddr" ] && [ -n "$port" ] && { printf '%breal_server %s %d {\n' "${INDENT_1}" "$ipaddr" "$port" >> "$KEEPALIVED_CONF" printf '%bweight %d\n' "${INDENT_2}" "$weight" >> "$KEEPALIVED_CONF" + print_notify "REAL_SERVER" "$name" "$INDENT_2" notify_up notify_down case "$check" in PING_CHECK) printf '%b%s {\n' "${INDENT_2}" "$check" >> "$KEEPALIVED_CONF" From 4dd49d7c3cd571107958154f1ed1ec8d8dba7464 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Wed, 4 Oct 2023 12:26:54 +0200 Subject: [PATCH 23/54] syslog-ng: update to version 4.4.0 - Release notes: https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.4.0 - Bump version in config file Signed-off-by: Josef Schlehofer --- admin/syslog-ng/Makefile | 4 ++-- admin/syslog-ng/files/syslog-ng.conf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/admin/syslog-ng/Makefile b/admin/syslog-ng/Makefile index 9612566fac..829142fbe9 100644 --- a/admin/syslog-ng/Makefile +++ b/admin/syslog-ng/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=syslog-ng -PKG_VERSION:=4.3.1 +PKG_VERSION:=4.4.0 PKG_RELEASE:=1 PKG_MAINTAINER:=Josef Schlehofer @@ -11,7 +11,7 @@ PKG_CPE_ID:=cpe:/a:balabit:syslog-ng PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/syslog-ng/syslog-ng/releases/download/$(PKG_NAME)-$(PKG_VERSION)/ -PKG_HASH:=999dbab62982c3cffba02c0be22c596ee1ce81d6954689dc9b3a6afeb513cce3 +PKG_HASH:=583b147f3ec17fbc2dbbf31aafb1e3966237d7541313de5b41ea885dc16d932e PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 diff --git a/admin/syslog-ng/files/syslog-ng.conf b/admin/syslog-ng/files/syslog-ng.conf index d4ce83b54d..92574be61b 100644 --- a/admin/syslog-ng/files/syslog-ng.conf +++ b/admin/syslog-ng/files/syslog-ng.conf @@ -4,7 +4,7 @@ # More details about these settings can be found here: # https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition -@version: 4.3 +@version: 4.4 @include "scl.conf" options { From c230d7bd7f8a794032d2414588f1cdfc1a5ec74e Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Wed, 4 Oct 2023 16:19:07 -0300 Subject: [PATCH 24/54] python3: avoid unnecessary rebuilds Move the order in which BuildPackage is called, so that the libpython package is built ahead of the module packages, to avoid forcing a clean-build of the package when 'make package/python3/compile' is called a second time without changes. The library must be built first, so that when the buildsystem checks for ABI version changes using libpython3.version, its timestamp should be older than the dependent package's STAMP_PREPARED file. Signed-off-by: Eneas U de Queiroz --- lang/python/python3/Makefile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lang/python/python3/Makefile b/lang/python/python3/Makefile index a54d027040..14915715bc 100644 --- a/lang/python/python3/Makefile +++ b/lang/python/python3/Makefile @@ -358,12 +358,6 @@ endef $(eval $(call HostBuild)) -$(foreach package, $(PYTHON3_PACKAGES), \ - $(eval $(call Py3Package,$(package))) \ - $(eval $(call BuildPackage,$(package))) \ - $(eval $(call BuildPackage,$(package)-src)) \ -) - $(eval $(call BuildPackage,libpython3)) $(eval $(call BuildPackage,python3)) @@ -375,3 +369,9 @@ $(eval $(call BuildPackage,python3-light)) $(eval $(call BuildPackage,python3-base-src)) $(eval $(call BuildPackage,python3-light-src)) + +$(foreach package, $(PYTHON3_PACKAGES), \ + $(eval $(call Py3Package,$(package))) \ + $(eval $(call BuildPackage,$(package))) \ + $(eval $(call BuildPackage,$(package)-src)) \ +) From c980086b1e4353fcdbd9f44065ce1cbf9c158e09 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Thu, 5 Oct 2023 14:16:07 +0200 Subject: [PATCH 25/54] tor-fw-helper: remove it This package does not receive any update since 2015. [1] It seems unmaintained and most likely not used at all. [1] https://gitweb.torproject.org/tor-fw-helper.git/ Signed-off-by: Josef Schlehofer --- net/tor-fw-helper/Makefile | 78 -------------------------------------- 1 file changed, 78 deletions(-) delete mode 100644 net/tor-fw-helper/Makefile diff --git a/net/tor-fw-helper/Makefile b/net/tor-fw-helper/Makefile deleted file mode 100644 index e46159d123..0000000000 --- a/net/tor-fw-helper/Makefile +++ /dev/null @@ -1,78 +0,0 @@ -# -# Copyright (C) 2018 Jeffery To -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=tor-fw-helper -PKG_VERSION:=0.3 -PKG_RELEASE:=2 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://git.torproject.org/tor-fw-helper.git -PKG_SOURCE_VERSION:=481599ee37dd3135c9e17d1df4810f36b4de4e3d -PKG_SOURCE_DATE:=20150805 -PKG_MIRROR_HASH:=f22d1400bec6b62636bd59cb3a51befc9cddbacccb790a758694c589cb2bc032 - -PKG_LICENSE:=BSD-3-Clause -PKG_LICENSE_FILES:=LICENSE -PKG_MAINTAINER:=Jeffery To - -PKG_BUILD_DEPENDS:=golang/host -PKG_BUILD_PARALLEL:=1 -PKG_BUILD_FLAGS:=no-mips16 - -GO_PKG:=git.torproject.org/tor-fw-helper.git - -include $(INCLUDE_DIR)/package.mk -include ../../lang/golang/golang-package.mk - -define Package/tor-fw-helper/Default - TITLE:=Firewall helper for tor - URL:=https://gitweb.torproject.org/tor-fw-helper.git/ - DEPENDS:=$(GO_ARCH_DEPENDS) -endef - -define Package/tor-fw-helper -$(call Package/tor-fw-helper/Default) - SECTION:=net - CATEGORY:=Network -endef - -define Package/golang-torproject-tor-fw-helper-dev -$(call Package/tor-fw-helper/Default) -$(call GoPackage/GoSubMenu) - TITLE+= (source files) - PKGARCH:=all -endef - -define Package/tor-fw-helper/Default/description -tor-fw-helper is a helper to automatically configuring port forwarding -for tor, using UPnP or NAT-PMP NAT traversal. - -This is a tor-fw-helper rewrite in Go that functions as a drop in -replacement for the original C code. -endef - -define Package/tor-fw-helper/description -$(call Package/tor-fw-helper/Default/description) - -This package contains the main helper program. -endef - -define Package/golang-torproject-tor-fw-helper-dev/description -$(call Package/tor-fw-helper/Default/description) - -This package provides the source files for the helper program. -endef - -GO_PKG_BUILD_VARS += GO111MODULE=auto - -$(eval $(call GoBinPackage,tor-fw-helper)) -$(eval $(call BuildPackage,tor-fw-helper)) - -$(eval $(call GoSrcPackage,golang-torproject-tor-fw-helper-dev)) -$(eval $(call BuildPackage,golang-torproject-tor-fw-helper-dev)) From 13a88d0b79142f385d77baaa390211673bf6b9c0 Mon Sep 17 00:00:00 2001 From: Stan Grishin Date: Thu, 5 Oct 2023 14:51:51 +0000 Subject: [PATCH 26/54] adblock-fast: bugfix: properly identify hosts-files * escape dots in grep command to properly identify hosts files Signed-off-by: Stan Grishin --- net/adblock-fast/Makefile | 2 +- net/adblock-fast/files/etc/init.d/adblock-fast | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/net/adblock-fast/Makefile b/net/adblock-fast/Makefile index bd7ad9845b..f923a27b47 100644 --- a/net/adblock-fast/Makefile +++ b/net/adblock-fast/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock-fast PKG_VERSION:=1.0.0 -PKG_RELEASE:=5 +PKG_RELEASE:=6 PKG_MAINTAINER:=Stan Grishin PKG_LICENSE:=GPL-3.0-or-later diff --git a/net/adblock-fast/files/etc/init.d/adblock-fast b/net/adblock-fast/files/etc/init.d/adblock-fast index f885bd1052..8229f0845d 100755 --- a/net/adblock-fast/files/etc/init.d/adblock-fast +++ b/net/adblock-fast/files/etc/init.d/adblock-fast @@ -282,7 +282,7 @@ append_url() { echo 'dnsmasq2' elif grep -q '^address=' "$file"; then echo 'dnsmasq3' - elif grep -q '^0.0.0.0' "$file" || grep -q '^127.0.0.1' "$file"; then + elif grep -q '^0\.0\.0\.0' "$file" || grep -q '^127\.0\.0\.1' "$file"; then echo 'hosts' elif [ -n "$(sed "$domainsFilter" "$file" | head -1)" ]; then echo 'domains' @@ -1536,6 +1536,7 @@ adb_start() { json_close_array procd_close_data procd_close_instance + return 0 } adb_status() { @@ -1568,12 +1569,13 @@ adb_status() { n=$((n+1)) done fi + return 0 } # shellcheck disable=SC2120 adb_stop() { local validation_result="$3" - load_environment "$validation_result" 'quiet' || return 1 + load_environment "$validation_result" 'quiet' || return 0 if [ -s "$outputFile" ]; then output "Stopping $serviceName... " cache 'create' @@ -1593,6 +1595,7 @@ adb_stop() { output "${_ERROR_}: $(get_text 'errorStopping')!\\n" fi fi + return 0 } adb_pause() { From 79b173a0c5e7cbb610a510ab759af1de488196c5 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Wed, 4 Oct 2023 08:54:15 -0300 Subject: [PATCH 27/54] pymysql: add meta-package for sha256 support Replace the PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT option, which is causing circular dependencies, with a meta-package that installs both python3-pymysql and python3-cryptography. Signed-off-by: Eneas U de Queiroz --- lang/python/pymysql/Config.in | 11 ----------- lang/python/pymysql/Makefile | 27 ++++++++++++++++++++++----- 2 files changed, 22 insertions(+), 16 deletions(-) delete mode 100644 lang/python/pymysql/Config.in diff --git a/lang/python/pymysql/Config.in b/lang/python/pymysql/Config.in deleted file mode 100644 index 0dfa265b09..0000000000 --- a/lang/python/pymysql/Config.in +++ /dev/null @@ -1,11 +0,0 @@ -menu "Configuration" - depends on PACKAGE_python3-pymysql - -config PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT - bool "Enable support for SHA password authentication" - help - To use “sha256_password” or “caching_sha2_password” for authentication - this symbol needs to be enabled, to also install python3-cryptography. - default n - -endmenu diff --git a/lang/python/pymysql/Makefile b/lang/python/pymysql/Makefile index d5187bd57e..025a97adce 100644 --- a/lang/python/pymysql/Makefile +++ b/lang/python/pymysql/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pymysql PKG_VERSION:=1.1.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PYPI_NAME:=PyMySQL PKG_HASH:=4f13a7df8bf36a51e81dd9f3605fede45a4878fe02f9236349fd82a3f0612f96 @@ -24,23 +24,40 @@ include ../pypi.mk include $(INCLUDE_DIR)/package.mk include ../python3-package.mk -define Package/python3-pymysql +define Package/python3-pymysql/Default SUBMENU:=Python SECTION:=lang CATEGORY:=Languages TITLE:=Pure Python MySQL Client URL:=https://pymysql.readthedocs.io/ - DEPENDS:=+python3 +PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT:python3-cryptography endef -define Package/python3-pymysql/config - source "$(SOURCE)/Config.in" +define Package/python3-pymysql +$(call Package/python3-pymysql/Default) + DEPENDS:=+python3 endef define Package/python3-pymysql/description This package contains a pure-Python MySQL client library, based on PEP 249. endef +define Package/python3-pymysql-sha-pwd +$(call Package/python3-pymysql/Default) + TITLE+=w/ SHA256 password auth + DEPENDS:=+python3-pymysql $(RUST_ARCH_DEPENDS) +PACKAGE_python3-pymysql-sha-pwd:python3-cryptography +endef + +define Package/python3-pymysql-sha-pwd/description + This is a meta-package installing python3-pymysql and python3-cryptography + packages to be able to use pymysql with “sha256_password” or + “caching_sha2_password” for authentication. +endef + +define Package/python3-pymysql-sha-pwd/install + true +endef + $(eval $(call Py3Package,python3-pymysql)) $(eval $(call BuildPackage,python3-pymysql)) $(eval $(call BuildPackage,python3-pymysql-src)) +$(eval $(call BuildPackage,python3-pymysql-sha-pwd)) From e429c11b04c7f4ecc67f69e3d40042b499508526 Mon Sep 17 00:00:00 2001 From: Jan Kratochvil Date: Thu, 5 Oct 2023 03:51:51 +0800 Subject: [PATCH 28/54] ffmpeg: fix compilation error of ffmpeg-custom Fixes: #12320 After plain enable of libffmpeg-custom and ffmpeg-custom which adds: - CONFIG_PACKAGE_libbz2=m - CONFIG_PACKAGE_libffmpeg-custom=m - CONFIG_FFMPEG_CUSTOM_GPL=y - CONFIG_PACKAGE_zlib=m - CONFIG_PACKAGE_ffmpeg-custom=m I get on v22.03.5 compilation error: ``` cp -fpR /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-install/usr/bin/ffmpeg /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-mips_24kc/ffmpeg-custom/usr/bin/ cp: cannot stat '/.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-install/usr/bin/ffmpeg': No such file or directory make[2]: *** [Makefile:756: /.../openwrt-git/bin/packages/mips_24kc/packages/ffmpeg-custom_5.1-1_mips_24kc.ipk] Error 1 ``` It is because configure is missing `ffmpeg` in its `Programs:` section: ``` ( cd /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1; CFLAGS="-Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -msoft-float -mips16 -minterlink-mips16 -fmacro-prefix-map=/.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1=ffmpeg-5.1 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/usr/include -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/include/fortify -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/include -DPIC -fpic" LDFLAGS="-L/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/usr/lib -L/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/lib -znow -zrelro" ./configure --enable-cross-compile --cross-prefix="mips-openwrt-linux-musl-" --arch="mips" --cpu=24kc --target-os=linux --prefix="/usr" --pkg-config="pkg-config" --enable-shared --enable-static --enable-pthreads --enable-zlib --disable-doc --disable-debug --disable-lzma --disable-vaapi --disable-vdpau --disable-outdevs --disable-altivec --disable-vsx --disable-power8 --disable-armv5te --disable-armv6 --disable-armv6t2 --disable-fast-unaligned --disable-runtime-cpudetect --disable-x86asm --enable-small --enable-gpl --disable-programs --disable-avfilter --disable-swresample --disable-swscale --disable-everything --disable-postproc ) install prefix /usr source path . C compiler mips-openwrt-linux-musl-gcc C library host C compiler gcc host C library glibc ARCH mips (24kc) big-endian yes runtime cpu detection no MIPS FPU enabled no MIPS DSP R1 enabled no MIPS DSP R2 enabled no MIPS MSA enabled no LOONGSON MMI enabled no debug symbols no strip symbols yes optimize for size yes optimizations yes static yes shared yes postprocessing support no network support yes threading support pthreads safe bitstream reader yes texi2html enabled no perl enabled yes pod2man enabled yes makeinfo enabled yes makeinfo supports HTML no xmllint enabled yes External libraries: alsa iconv bzlib zlib External libraries providing hardware acceleration: cuda_llvm v4l2_m2m Libraries: avcodec avformat avdevice avutil Programs: Enabled decoders: Enabled encoders: Enabled hwaccels: Enabled parsers: Enabled demuxers: Enabled muxers: Enabled protocols: Enabled filters: Enabled bsfs: Enabled indevs: Enabled outdevs: License: GPL version 2 or later ``` Signed-off-by: Jan Kratochvil --- multimedia/ffmpeg/Makefile | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile index cd0d383f21..f54db0310c 100644 --- a/multimedia/ffmpeg/Makefile +++ b/multimedia/ffmpeg/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ffmpeg PKG_VERSION:=5.1.3 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://ffmpeg.org/releases/ @@ -534,6 +534,12 @@ ifeq ($(BUILD_VARIANT),custom) --disable-swresample endif + ifneq ($(CONFIG_PACKAGE_ffmpeg-custom),n) + FFMPEG_CONFIGURE+= \ + --enable-avfilter \ + --enable-ffmpeg + endif + FFMPEG_CONFIGURE+= \ --disable-swscale \ --disable-everything \ @@ -648,6 +654,11 @@ define Build/InstallDev/custom $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avformat,avutil}.{a,so*} $(1)/usr/lib/ ifeq ($(CONFIG_FFMPEG_CUSTOM_PROGRAMS),y) $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avfilter,swresample}.{a,so*} $(1)/usr/lib/ +endif +ifeq ($(BUILD_VARIANT),custom) + ifneq ($(CONFIG_PACKAGE_ffmpeg-custom),n) + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libavfilter.{a,so*} $(1)/usr/lib/ + endif endif $(INSTALL_DIR) $(1)/usr/lib/pkgconfig $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avdevice,avformat,avutil}.pc $(1)/usr/lib/pkgconfig/ @@ -731,6 +742,11 @@ endif ifeq ($(CONFIG_FFMPEG_CUSTOM_PROGRAMS),y) $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avfilter,swresample}.so.* $(1)/usr/lib/ endif +ifeq ($(BUILD_VARIANT),custom) + ifneq ($(CONFIG_PACKAGE_ffmpeg-custom),n) + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libavfilter.so.* $(1)/usr/lib/ + endif +endif endef # Only ffmpeg with libx264 is GPL (yes libpostproc); all other builds are lgpl (no libpostproc) From 00841f98731fe7599c7f2cae2bf4e08599833647 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Fri, 29 Sep 2023 11:37:08 +0800 Subject: [PATCH 29/54] python-twisted: Update to 23.8.0, rework patches The package changed to the hatchling build backend. Signed-off-by: Jeffery To --- lang/python/python-twisted/Makefile | 17 ++++------- .../patches/001-omit-tkconch.patch | 20 ++++++------- .../patches/002-omit-tests.patch | 28 ++++++------------- lang/python/python-twisted/test.sh | 5 ++++ 4 files changed, 30 insertions(+), 40 deletions(-) create mode 100644 lang/python/python-twisted/test.sh diff --git a/lang/python/python-twisted/Makefile b/lang/python/python-twisted/Makefile index 1b54cb0c47..5befac2b3e 100644 --- a/lang/python/python-twisted/Makefile +++ b/lang/python/python-twisted/Makefile @@ -9,11 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-twisted -PKG_VERSION:=22.10.0 +PKG_VERSION:=23.8.0 PKG_RELEASE:=1 PYPI_NAME:=Twisted -PKG_HASH:=32acbd40a94f5f46e7b42c109bfae2b302250945561783a8b7a059048f2d4d31 +PYPI_SOURCE_NAME:=twisted +PKG_HASH:=3c73360add17336a622c0d811c2a2ce29866b6e59b1125fd6509b17252098a24 PKG_BUILD_DEPENDS:=libtirpc @@ -22,7 +23,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_MAINTAINER:=Jeffery To PKG_CPE_ID:=cpe:/a:twistedmatrix:twisted -PKG_BUILD_DEPENDS:=python-incremental/host +PKG_BUILD_DEPENDS:=python-hatchling/host python-hatch-fancy-pypi-readme/host python-incremental/host include ../pypi.mk include $(INCLUDE_DIR)/package.mk @@ -45,8 +46,6 @@ define Package/python3-twisted +python3-hyperlink \ +python3-idna \ +python3-incremental \ - +python3-pkg-resources \ - +python3-pyasn1 \ +python3-pyopenssl \ +python3-service-identity \ +python3-typing-extensions \ @@ -55,12 +54,8 @@ endef define Package/python3-twisted/description Twisted is a networking engine written in Python, supporting numerous -protocols. It contains a web server, numerous chat clients, chat servers, -mail servers, and more. -endef - -define Build/Configure - $(SED) 's/^version = attr: twisted.__version__$$$$/version = $(PKG_VERSION)/' $(PKG_BUILD_DIR)/setup.cfg +protocols. It contains a web server, numerous chat clients, chat +servers, mail servers, and more. endef define Py3Package/python3-twisted/filespec diff --git a/lang/python/python-twisted/patches/001-omit-tkconch.patch b/lang/python/python-twisted/patches/001-omit-tkconch.patch index a1a37771b2..bf8873f414 100644 --- a/lang/python/python-twisted/patches/001-omit-tkconch.patch +++ b/lang/python/python-twisted/patches/001-omit-tkconch.patch @@ -1,13 +1,13 @@ ---- a/setup.cfg -+++ b/setup.cfg -@@ -115,7 +115,6 @@ console_scripts = - conch = twisted.conch.scripts.conch:run - mailmail = twisted.mail.scripts.mailmail:run - pyhtmlizer = twisted.scripts.htmlizer:run -- tkconch = twisted.conch.scripts.tkconch:run - trial = twisted.scripts.trial:run - twist = twisted.application.twist._twist:Twist.main - twistd = twisted.scripts.twistd:run +--- a/pyproject.toml ++++ b/pyproject.toml +@@ -150,7 +150,6 @@ ckeygen = "twisted.conch.scripts.ckeygen + conch = "twisted.conch.scripts.conch:run" + mailmail = "twisted.mail.scripts.mailmail:run" + pyhtmlizer = "twisted.scripts.htmlizer:run" +-tkconch = "twisted.conch.scripts.tkconch:run" + trial = "twisted.scripts.trial:run" + twist = "twisted.application.twist._twist:Twist.main" + twistd = "twisted.scripts.twistd:run" --- a/src/twisted/python/twisted-completion.zsh +++ b/src/twisted/python/twisted-completion.zsh @@ -1,4 +1,4 @@ diff --git a/lang/python/python-twisted/patches/002-omit-tests.patch b/lang/python/python-twisted/patches/002-omit-tests.patch index 3ec59fd484..841b5e09e7 100644 --- a/lang/python/python-twisted/patches/002-omit-tests.patch +++ b/lang/python/python-twisted/patches/002-omit-tests.patch @@ -1,20 +1,10 @@ ---- a/setup.cfg -+++ b/setup.cfg -@@ -107,6 +107,9 @@ mypy = +--- a/pyproject.toml ++++ b/pyproject.toml +@@ -194,6 +194,7 @@ exclude = [ + "*.pxi", + "*.pyx", + "build.bat", ++ "test", + ] - [options.packages.find] - where = src -+exclude = -+ *.test -+ *.test.* - - [options.entry_points] - console_scripts = -@@ -126,6 +129,7 @@ console_scripts = - *.pxi - *.pyx - build.bat -+ test/* - - [flake8] - disable-noqa = True + [tool.hatch.build.targets.sdist] diff --git a/lang/python/python-twisted/test.sh b/lang/python/python-twisted/test.sh new file mode 100644 index 0000000000..3b9310791b --- /dev/null +++ b/lang/python/python-twisted/test.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +[ "$1" = python3-twisted ] || exit 0 + +python3 -c 'from twisted.internet import reactor' From 6dc86d46da18d573971b7e7a2d625b2498dbe249 Mon Sep 17 00:00:00 2001 From: John Audia Date: Wed, 4 Oct 2023 15:35:03 -0400 Subject: [PATCH 30/54] openssh: bump to 9.5p1 Changelog: https://www.openssh.com/txt/release-9.5 Build system: x86/64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia --- net/openssh/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/openssh/Makefile b/net/openssh/Makefile index c5d9699893..ca9380f0b8 100644 --- a/net/openssh/Makefile +++ b/net/openssh/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssh -PKG_VERSION:=9.4p1 +PKG_VERSION:=9.5p1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ -PKG_HASH:=3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85 +PKG_HASH:=f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b PKG_LICENSE:=BSD ISC PKG_LICENSE_FILES:=LICENCE From a8374204bbf5c111f8492995560088a4c399dca4 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Sat, 7 Oct 2023 20:04:12 +0800 Subject: [PATCH 31/54] golang: Update to 1.21.2 Includes fix for CVE-2023-39323 (cmd/go: line directives allows arbitrary execution during build). Signed-off-by: Jeffery To --- lang/golang/golang/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile index e91f346541..e6a6448f1a 100644 --- a/lang/golang/golang/Makefile +++ b/lang/golang/golang/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk GO_VERSION_MAJOR_MINOR:=1.21 -GO_VERSION_PATCH:=1 +GO_VERSION_PATCH:=2 PKG_NAME:=golang PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH)) @@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \ PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz PKG_SOURCE_URL:=$(GO_SOURCE_URLS) -PKG_HASH:=bfa36bf75e9a1e9cbbdb9abcf9d1707e479bd3a07880a8ae3564caee5711cb99 +PKG_HASH:=45e59de173baec39481854490d665b726cec3e5b159f6b4172e5ec7780b2c201 PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause From 36566a99af9074334eee3293a6d5a0aa7f4e8246 Mon Sep 17 00:00:00 2001 From: Luiz Angelo Daros de Luca Date: Sat, 7 Oct 2023 00:00:07 -0300 Subject: [PATCH 32/54] libvpx: update to 1.13.1 v1.13.0 This release includes more Neon and AVX2 optimizations, adds a new codec control to set per frame QP, upgrades GoogleTest to v1.12.1, and includes numerous bug fixes. v1.13.1 This release contains two security related fixes. One each for VP8 and VP9. - https://crbug.com/1486441 (CVE-2023-5217) - Fix bug with smaller width bigger size (CVE-2023-44488) Fixes #22318 Signed-off-by: Luiz Angelo Daros de Luca --- libs/libvpx/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libs/libvpx/Makefile b/libs/libvpx/Makefile index 830f2d7fa9..5c5073ac60 100644 --- a/libs/libvpx/Makefile +++ b/libs/libvpx/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libvpx -PKG_VERSION:=1.12.0 +PKG_VERSION:=1.13.1 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://chromium.googlesource.com/webm/libvpx -PKG_MIRROR_HASH:=19d9bd55198f063875cc72bdfa5eb9fa7cc1ae8af33979f807d2c82b66349933 +PKG_MIRROR_HASH:=55d6880564e354b2d310047773ac211790421e0f3ea70a9280213f7e27fa5f3a PKG_SOURCE_VERSION:=v$(PKG_VERSION) PKG_MAINTAINER:=Luiz Angelo Daros de Luca From 7c8f4a2a1c2e883ae3ebd62aab96bb45e31b4d55 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Fri, 6 Oct 2023 23:38:23 +0200 Subject: [PATCH 33/54] exim: update to version 4.96.1 This is a security release. JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which could be triggered by externally-supplied input. Found by Trend Micro. CVE-2023-42115 JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could be triggered by externally-controlled input. Found by Trend Micro. CVE-2023-42116 JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could be triggered by externally-controlled input. Found by Trend Micro. CVE-2023-42114 Signed-off-by: Daniel Golle --- mail/exim/Makefile | 6 +- .../000-preliminary-fixes-for-ZDI-vulns.patch | 185 ------------------ 2 files changed, 3 insertions(+), 188 deletions(-) delete mode 100644 mail/exim/patches/000-preliminary-fixes-for-ZDI-vulns.patch diff --git a/mail/exim/Makefile b/mail/exim/Makefile index 22a6a18df5..69d200bf1e 100644 --- a/mail/exim/Makefile +++ b/mail/exim/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=exim -PKG_VERSION:=4.96 -PKG_RELEASE:=2 +PKG_VERSION:=4.96.1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://ftp.exim.org/pub/exim/exim4/ -PKG_HASH:=299a56927b2eb3477daafd3c5bda02bc67e5c4e5898a7aeaf2740875278cf1a3 +PKG_HASH:=93ac0755c317e1fdbbea8ccb70a868876bdf3148692891c72ad0fe816767033d PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0-or-later diff --git a/mail/exim/patches/000-preliminary-fixes-for-ZDI-vulns.patch b/mail/exim/patches/000-preliminary-fixes-for-ZDI-vulns.patch deleted file mode 100644 index fee68a2419..0000000000 --- a/mail/exim/patches/000-preliminary-fixes-for-ZDI-vulns.patch +++ /dev/null @@ -1,185 +0,0 @@ -From florz@florz.de Sun Oct 1 10:33:31 2023 -Received: from [10.0.0.9] (helo=cumin.exim.org) - by mailman with esmtp (Exim 4.94.2) - (envelope-from ) - id 1qmspP-003gpc-28 - for exim-dev@lists.exim.org; Sun, 01 Oct 2023 09:33:31 +0000 -Authentication-Results: exim.org; - iprev=pass (rain.florz.de) smtp.remote-ip=2a07:12c0:1c00:40::1; - dmarc=none header.from=florz.de; - arc=none -Received: from rain.florz.de ([2a07:12c0:1c00:40::1]:36467) - by cumin.exim.org with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 - (Exim 4.94.2-31-503e55a2c) - (envelope-from ) - id 1qmspN-00EIpR-5w - for exim-dev@lists.exim.org; Sun, 01 Oct 2023 09:33:30 +0000 -Received: from [2a07:12c0:1c00:43::121] (port=60772 helo=florz.florz.de) - by rain.florz.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) - (Exim 4.92) - (envelope-from ) - id 1qmspL-0007Zj-F8 - for exim-dev@lists.exim.org; Sun, 01 Oct 2023 11:33:27 +0200 -Received: from florz by florz.florz.de with local (Exim 4.92) - (envelope-from ) - id 1qmspK-0001ZU-Sl - for exim-dev@lists.exim.org; Sun, 01 Oct 2023 11:33:26 +0200 -Date: Sun, 1 Oct 2023 11:33:26 +0200 -From: Florian Zumbiehl -To: exim-dev@lists.exim.org -Message-ID: <20231001093326.GS3837@florz.florz.de> -MIME-Version: 1.0 -Content-Type: text/plain; charset=us-ascii -Content-Disposition: inline -User-Agent: Mutt/1.10.1 (2018-07-13) -X-Spam-Score: 0.0 (/) -Message-ID-Hash: D3TCMSGJTLM76H6APEQXZEYOLYJKKCNZ -X-Message-ID-Hash: D3TCMSGJTLM76H6APEQXZEYOLYJKKCNZ -X-MailFrom: florz@florz.de -X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-exim-dev.lists.exim.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header -X-Mailman-Version: 3.3.3 -Precedence: list -Subject: [exim-dev] Hotfix for some of the ZDI vulnerabilities -List-Id: Exim MTA development list -List-Help: -List-Owner: -List-Post: -List-Subscribe: -List-Unsubscribe: -Message: 1 -Status: RO -Content-Length: 5347 - -Hi, - -below you find a patch that fixes some (probably three?) of what I guess are -the vulnerabilities reported by ZDI. - -Please note that the patch is only mildly tested, it is developed based on -the git master branch, but can be applied to older versions with minor -massaging. If you go back far enough, proxy.c was part of smtp_in.c, but if -you adjust for that, the patch can be made to apply there, too. - -Obviously, I have no idea whether this actually addresses what ZDI has -reported, but if not, these probably should be fixed, too, and if so, given -the fact that I managed to rather easily find these vulnerabilities based -on the information that's publicly available, I don't think there is much -point to trying to keep this secret any longer--if anything, it's -counterproductive. - -Also mind you that this is a hot fix, it's neither elegant, nor does it do -any useful error reporting, the goal was simply to prevent out of bounds -accesses. - -Florian - ---- - ---- a/src/auths/external.c -+++ b/src/auths/external.c -@@ -100,6 +100,9 @@ if (expand_nmax == 0) /* skip if rxd da - if ((rc = auth_prompt(CUS"")) != OK) - return rc; - -+if (expand_nmax != 1) -+ return FAIL; -+ - if (ob->server_param2) - { - uschar * s = expand_string(ob->server_param2); ---- a/src/auths/spa.c -+++ b/src/auths/spa.c -@@ -165,12 +165,18 @@ if (auth_get_no64_data(&data, msgbuf) != - return FAIL; - - /* dump client response */ --if (spa_base64_to_bits(CS &response, sizeof(response), CCS data) < 0) -+int l = spa_base64_to_bits(CS &response, sizeof(response), CCS data); -+if (l < 0) - { - DEBUG(D_auth) debug_printf("auth_spa_server(): bad base64 data in " - "response: %s\n", data); - return FAIL; - } -+if(l < (char *)&response.buffer - (char *)&response)return FAIL; -+unsigned long o = IVAL(&response.uUser.offset, 0); -+if((l < o) || (l - o < SVAL(&response.uUser.len, 0)))return FAIL; -+o = IVAL(&response.ntResponse.offset, 0); -+if((l < o) || (l - o < 24))return FAIL; - - /*************************************************************** - PH 07-Aug-2003: The original code here was this: -@@ -345,7 +351,10 @@ if (!smtp_read_response(sx, US buffer, b - - /* convert the challenge into the challenge struct */ - DSPA("\n\n%s authenticator: challenge (%s)\n\n", ablock->name, buffer + 4); --spa_base64_to_bits(CS (&challenge), sizeof(challenge), CCS (buffer + 4)); -+int l = spa_base64_to_bits(CS (&challenge), sizeof(challenge), CCS (buffer + 4)); -+if((l < 0) || (l < (char *)&challenge.buffer - (char *)&challenge))return FAIL; -+unsigned long o = IVAL(&challenge.uDomain.offset, 0); -+if((l < o) || (l - o < SVAL(&challenge.uDomain.len, 0)))return FAIL; - - spa_build_auth_response(&challenge, &response, CS username, CS password); - spa_bits_to_base64(US msgbuf, US &response, spa_request_length(&response)); ---- a/src/smtp_in.c -+++ b/src/smtp_in.c -@@ -1172,6 +1172,8 @@ while (capacity > 0) - do { ret = read(fd, to, 1); } while (ret == -1 && errno == EINTR && !had_command_timeout); - if (ret == -1) - return -1; -+ if (!ret) -+ break; - have++; - if (last) - return have; -@@ -1320,6 +1322,8 @@ if ((ret == PROXY_INITIAL_READ) && (memc - goto proxyfail; - } - -+ if (ret < 16) -+ goto proxyfail; - /* The v2 header will always be 16 bytes per the spec. */ - size = 16 + ntohs(hdr.v2.len); - DEBUG(D_receive) debug_printf("Detected PROXYv2 header, size %d (limit %d)\n", -@@ -1340,7 +1344,7 @@ if ((ret == PROXY_INITIAL_READ) && (memc - { - retmore = read(fd, (uschar*)&hdr + ret, size-ret); - } while (retmore == -1 && errno == EINTR && !had_command_timeout); -- if (retmore == -1) -+ if (retmore < 1) - goto proxyfail; - ret += retmore; - DEBUG(D_receive) debug_printf("PROXYv2: have %d/%d required octets\n", ret, size); -@@ -1362,6 +1366,8 @@ if (ret >= 16 && memcmp(&hdr.v2, v2sig, - switch (hdr.v2.fam) - { - case 0x11: /* TCPv4 address type */ -+ if (ret < 28) -+ goto proxyfail; - iptype = US"IPv4"; - tmpaddr.sin_addr.s_addr = hdr.v2.addr.ip4.src_addr; - inet_ntop(AF_INET, &tmpaddr.sin_addr, CS &tmpip, sizeof(tmpip)); -@@ -1388,6 +1394,8 @@ if (ret >= 16 && memcmp(&hdr.v2, v2sig, - proxy_external_port = tmpport; - goto done; - case 0x21: /* TCPv6 address type */ -+ if (ret < 52) -+ goto proxyfail; - iptype = US"IPv6"; - memmove(tmpaddr6.sin6_addr.s6_addr, hdr.v2.addr.ip6.src_addr, 16); - inet_ntop(AF_INET6, &tmpaddr6.sin6_addr, CS &tmpip6, sizeof(tmpip6)); -@@ -1446,10 +1454,13 @@ else if (ret >= 8 && memcmp(hdr.v1.line, - goto proxyfail; - ret += r2; - -+ if(ret > 107) -+ goto proxyfail; -+ hdr.v1.line[ret] = 0; - p = string_copy(hdr.v1.line); - end = memchr(p, '\r', ret - 1); - -- if (!end || (end == (uschar*)&hdr + ret) || end[1] != '\n') -+ if (!end || end[1] != '\n') - { - DEBUG(D_receive) debug_printf("Partial or invalid PROXY header\n"); - goto proxyfail; From 41635f946cbb038c29c9194390204823405b07b3 Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 3 Jun 2023 12:44:19 +0300 Subject: [PATCH 34/54] sshtunnel: uci_sshtunnel simplify Simplify comment and make it shorter. Remove triling tab after retrydelay. Use a full path for IdentityFile because otherwise the uci validation fails with the relative path ~/.ssh Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/uci_sshtunnel | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/net/sshtunnel/files/uci_sshtunnel b/net/sshtunnel/files/uci_sshtunnel index 87ab9eda92..e97bde15c1 100644 --- a/net/sshtunnel/files/uci_sshtunnel +++ b/net/sshtunnel/files/uci_sshtunnel @@ -1,19 +1,17 @@ -# -# Password authentication is not possible, public key authentication must be used. -# Set "option IdentityFile" to the file from which the identity (private key) for RSA or DSA authentication is read. -# The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol version 2. -# ssh will also try to load certificate information from the filename obtained by appending -cert.pub to identity filenames. -# +# Password auth is not possible so only Public Key auth must be used. +# Set "option IdentityFile" to the file from which the identity (private key) is read. +# By default the OpenSSH client checks for /root/.ssh/id_rsa, /root/.ssh/id_ed25519 and /root/.ssh/id_ecdsa +# See https://openwrt.org/docs/guide-user/services/ssh/sshtunnel #config server disney # option user mourinho # option hostname server.disney.com # option port 22 -# option retrydelay 1 +# option retrydelay 1 # option CheckHostIP yes # option Compression no # option CompressionLevel 6 -# option IdentityFile ~/.ssh/id_rsa +# option IdentityFile /root/.ssh/id_rsa # option LogLevel INFO # option PKCS11Provider /lib/pteidpkcs11.so # option ServerAliveCountMax 3 From 2a5f9dbcc7cbe4524c9da3085ce8b30cbc88155e Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 3 Jun 2023 12:46:03 +0300 Subject: [PATCH 35/54] sshtunnel: uci_sshtunnel use example.com Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/uci_sshtunnel | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/net/sshtunnel/files/uci_sshtunnel b/net/sshtunnel/files/uci_sshtunnel index e97bde15c1..496e470309 100644 --- a/net/sshtunnel/files/uci_sshtunnel +++ b/net/sshtunnel/files/uci_sshtunnel @@ -3,9 +3,9 @@ # By default the OpenSSH client checks for /root/.ssh/id_rsa, /root/.ssh/id_ed25519 and /root/.ssh/id_ecdsa # See https://openwrt.org/docs/guide-user/services/ssh/sshtunnel -#config server disney -# option user mourinho -# option hostname server.disney.com +#config server example +# option user root +# option hostname server.example.com # option port 22 # option retrydelay 1 # option CheckHostIP yes @@ -24,7 +24,7 @@ # remoteaddress:remoteport and then forwarded to localaddress:localport # #config tunnelR http -# option server disney +# option server example # option remoteaddress * # option remoteport 9009 # option localaddress 192.168.1.13 @@ -34,17 +34,17 @@ # localaddress:localport and then forwarded to remoteaddress:remoteport # #config tunnelL test -# option server disney +# option server example # option localaddress * # option localport 1022 -# option remoteaddress secretserver.disney.com +# option remoteaddress secretserver.example.com # option remoteport 22 # tunnelD(ynamic) - when the connection will be initiated with the SOCKS4 or SOCKS5 protocol # to the local endpoint at localaddress:localport and then forwarded over the remote host # #config tunnelD proxy -# option server disney +# option server example # option localaddress * # option localport 4055 @@ -54,7 +54,7 @@ # ethernet = TAP # #config tunnelW proxy -# option server disney +# option server example # option vpntype point-to-point|ethernet # option localdev any|0|1|2|... # option remotedev any|0|1|2|... From 714c97b012285ce28bc392a7d86a26c8fedd5d3d Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 3 Jun 2023 13:10:32 +0300 Subject: [PATCH 36/54] sshtunnel: set StrictHostKeyChecking=accept-new by default Without the option the ssh will propt a user to accept the host key. So a user should perform a connection manualy and accept before useing the sshtunnel. The accept-new is a reasonable trade off. Also the LogLevel is INFO by default. Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/sshtunnel.init | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index 3db8dbb118..4a23c9fbe7 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -47,10 +47,10 @@ validate_server_section() { 'Compression:or("yes", "no")' \ 'CompressionLevel:range(1,9)' \ 'IdentityFile:file' \ - 'LogLevel:or("QUIET", "FATAL", "ERROR", "INFO", "VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3"):INFO' \ + 'LogLevel:or("QUIET", "FATAL", "ERROR", "INFO", "VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3")' \ 'ServerAliveCountMax:min(1)' \ 'ServerAliveInterval:min(0)' \ - 'StrictHostKeyChecking:or("yes", "no", "accept-new")' \ + 'StrictHostKeyChecking:or("yes", "no", "accept-new"):accept-new' \ 'TCPKeepAlive:or("yes", "no")' \ 'VerifyHostKeyDNS:or("yes", "no")' } From f14dae7bc9ef0db6f6b25e605dc6c963d9417e17 Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 3 Jun 2023 13:23:35 +0300 Subject: [PATCH 37/54] sshtunnel: Use -i $IdentityFile instead of -o IdentityFile=$IdentityFile This makes the sshtunnel compatible with Dropbear. Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/sshtunnel.init | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index 4a23c9fbe7..480933edee 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -174,10 +174,12 @@ load_server() { config_foreach validate_tunnelW_section "tunnelW" load_tunnelW [ "$count" -eq 0 ] && { _err "tunnels to $server not started - no tunnels defined"; return 1; } - append_params CheckHostIP Compression CompressionLevel IdentityFile \ + append_params CheckHostIP Compression CompressionLevel \ LogLevel PKCS11Provider ServerAliveCountMax ServerAliveInterval \ StrictHostKeyChecking TCPKeepAlive VerifyHostKeyDNS + # dropbear doesn't support -o IdentityFile so use -i instead + [ -n "$IdentityFile" ] && ARGS_options="$ARGS_options -i $IdentityFile" ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname" procd_open_instance "$server" From 1d9f10a1356df1862bfff4f3031011403ddfe0bd Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 3 Jun 2023 14:23:33 +0300 Subject: [PATCH 38/54] sshtunnel: StrictHostKeyChecking for Dropbear The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option: -y Always accept remote host key if unknown -y -y Don't perform any remote host key checking (caution) So we can add these options to make the StrictHostKeyChecking working. The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead. The only problem is that the -y flag is also used by the openssh-client: -y Send log information using the syslog(3) system module. By default this information is sent to stderr. This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag. Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/sshtunnel.init | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index 480933edee..144d447e84 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -180,6 +180,9 @@ load_server() { # dropbear doesn't support -o IdentityFile so use -i instead [ -n "$IdentityFile" ] && ARGS_options="$ARGS_options -i $IdentityFile" + # dbclient doesn't support StrictHostKeyChecking but it has the -y option that works same + [ "$StrictHostKeyChecking" = "accept-new" ] && ARGS_options="$ARGS_options -y" + [ "$StrictHostKeyChecking" = "no" ] && ARGS_options="$ARGS_options -yy" ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname" procd_open_instance "$server" From 9dd8a62238d79b94d293c2c1c1631a25eafe98d1 Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Wed, 21 Jun 2023 19:58:48 +0300 Subject: [PATCH 39/54] sshtunnel: allow empty remoteaddress Just empty or * may have some semantic difference on a server Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/sshtunnel.init | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index 144d447e84..1274be2494 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -57,7 +57,7 @@ validate_server_section() { validate_tunnelR_section() { uci_load_validate sshtunnel tunnelR "$1" "$2" \ - 'remoteaddress:or(host, "*"):*' \ + 'remoteaddress:or(host, "*")' \ 'remoteport:port' \ 'localaddress:host' \ 'localport:port' @@ -67,13 +67,13 @@ validate_tunnelL_section() { uci_load_validate sshtunnel tunnelL "$1" "$2" \ 'remoteaddress:host' \ 'remoteport:port' \ - 'localaddress:or(host, "*"):*' \ + 'localaddress:or(host, "*")' \ 'localport:port' } validate_tunnelD_section() { uci_load_validate sshtunnel tunnelD "$1" "$2" \ - 'localaddress:or(host, "*"):*' \ + 'localaddress:or(host, "*")' \ 'localport:port' } @@ -93,7 +93,7 @@ load_tunnelR() { # validate and load this remote tunnel config [ "$2" = 0 ] || { _err "tunnelR $1: validation failed"; return 1; } - [ -n "$remoteport" -a -n "$localport" -a -n "$remoteaddress" ] || { _err "tunnelR $1: missing required options"; return 1; } + [ -n "$remoteport" -a -n "$localport" ] || { _err "tunnelR $1: missing required options"; return 1; } # count nr of valid sections to make sure there are at least one count=$((count+=1)) @@ -111,7 +111,7 @@ load_tunnelL() { # validate and load this remote tunnel config [ "$2" = 0 ] || { _err "tunnelL $1: validation failed"; return 1; } - [ -n "$remoteport" -a -n "$localport" -a -n "$remoteaddress" ] || { _err "tunnelL $1: missing required options"; return 1; } + [ -n "$remoteport" -a -n "$localport" ] || { _err "tunnelL $1: missing required options"; return 1; } # count nr of valid sections to make sure there are at least one count=$((count+=1)) From 9ea6f35194e888af5402bcecc67d074763758189 Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Wed, 21 Jun 2023 19:59:28 +0300 Subject: [PATCH 40/54] sshtunnel: add enabled option Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/sshtunnel.init | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index 1274be2494..bff5cfdbed 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -57,6 +57,7 @@ validate_server_section() { validate_tunnelR_section() { uci_load_validate sshtunnel tunnelR "$1" "$2" \ + 'enabled:bool:1' \ 'remoteaddress:or(host, "*")' \ 'remoteport:port' \ 'localaddress:host' \ @@ -65,6 +66,7 @@ validate_tunnelR_section() { validate_tunnelL_section() { uci_load_validate sshtunnel tunnelL "$1" "$2" \ + 'enabled:bool:1' \ 'remoteaddress:host' \ 'remoteport:port' \ 'localaddress:or(host, "*")' \ @@ -73,12 +75,14 @@ validate_tunnelL_section() { validate_tunnelD_section() { uci_load_validate sshtunnel tunnelD "$1" "$2" \ + 'enabled:bool:1' \ 'localaddress:or(host, "*")' \ 'localport:port' } validate_tunnelW_section() { uci_load_validate sshtunnel tunnelW "$1" "$2" \ + 'enabled:bool:1' \ 'vpntype:or("ethernet", "point-to-point"):point-to-point' \ 'localdev:or("any", min(0))' \ 'remotedev:or("any", min(0))' @@ -86,6 +90,7 @@ validate_tunnelW_section() { load_tunnelR() { config_get section_server "$1" "server" + [ "$enabled" = 0 ] && return 0 # continue to read next section if this is not for the current server [ "$server" = "$section_server" ] || return 0 @@ -104,6 +109,7 @@ load_tunnelR() { load_tunnelL() { config_get section_server "$1" "server" + [ "$enabled" = 0 ] && return 0 # continue to read next section if this is not for the current server [ "$server" = "$section_server" ] || return 0 @@ -122,6 +128,7 @@ load_tunnelL() { load_tunnelD() { config_get section_server "$1" "server" + [ "$enabled" = 0 ] && return 0 # continue to read next section if this is not for the current server [ "$server" = "$section_server" ] || return 0 @@ -140,6 +147,7 @@ load_tunnelD() { load_tunnelW() { config_get section_server "$1" "server" + [ "$enabled" = 0 ] && return 0 # continue to read next section if this is not for the current server [ "$server" = "$section_server" ] || return 0 From 1a92dbcf32eec04b7f6de9001b8568911b58039a Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Wed, 21 Jun 2023 20:01:31 +0300 Subject: [PATCH 41/54] sshtunnel: allow empty port and user A user may have some host configured in the .ssh/config with user and port. But we anyway have to specify them in the sshtunnel. The change fixes this Signed-off-by: Sergey Ponomarev --- net/sshtunnel/files/sshtunnel.init | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index bff5cfdbed..8b8f97f933 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -191,7 +191,10 @@ load_server() { # dbclient doesn't support StrictHostKeyChecking but it has the -y option that works same [ "$StrictHostKeyChecking" = "accept-new" ] && ARGS_options="$ARGS_options -y" [ "$StrictHostKeyChecking" = "no" ] && ARGS_options="$ARGS_options -yy" - ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname" + ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels " + [ -n "$port" ] && ARGS="$ARGS -p $port " + [ -n "$user" ] && ARGS="$ARGS $user@" + ARGS="${ARGS}$hostname" procd_open_instance "$server" procd_set_param command "$PROG" $ARGS From fdaf5309507a591e0837f6314b8c94849fba08db Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Wed, 20 Sep 2023 17:27:45 +0300 Subject: [PATCH 42/54] sshtunnel: update version to 5.1 Make it depends on ether Dropbear dbclient or OpenSSH client Signed-off-by: Sergey Ponomarev --- net/sshtunnel/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/sshtunnel/Makefile b/net/sshtunnel/Makefile index 0b816dcd37..0238289931 100644 --- a/net/sshtunnel/Makefile +++ b/net/sshtunnel/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sshtunnel -PKG_VERSION:=4 -PKG_RELEASE:=5 +PKG_VERSION:=5 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-2.0-or-later PKG_MAINTAINER:=Nuno Goncalves @@ -21,7 +21,7 @@ define Package/sshtunnel CATEGORY:=Network SUBMENU:=SSH TITLE:=Manages local and remote openssh ssh(1) tunnels - DEPENDS:=+openssh-client + DEPENDS:=@(DROPBEAR_DBCLIENT||PACKAGE_openssh-client) PKGARCH:=all endef From 4e0d43a8d9d6cef670d1a82892b34a04bd6863c3 Mon Sep 17 00:00:00 2001 From: Olivier Poitrey Date: Sat, 7 Oct 2023 01:30:22 +0000 Subject: [PATCH 43/54] nextdns: Update to version 1.41.0 Signed-off-by: Olivier Poitrey --- net/nextdns/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/nextdns/Makefile b/net/nextdns/Makefile index 7061d39e9f..c2caa7d2bd 100644 --- a/net/nextdns/Makefile +++ b/net/nextdns/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nextdns -PKG_VERSION:=1.40.1 +PKG_VERSION:=1.41.0 PKG_RELEASE:=1 PKG_SOURCE:=nextdns-$(PKG_VERSION).tar.gz PKG_SOURCE_VERSION:=v$(PKG_VERSION) PKG_SOURCE_URL:=https://codeload.github.com/nextdns/nextdns/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=5fec5ed5373d94dcaf8b17ddd78d05ccdfd0faa8b4695d9e926d8e71278ea08e +PKG_HASH:=f13439f3c797769add028bff68974d88452add8b026b6da55fa056020ffbe479 PKG_MAINTAINER:=Olivier Poitrey PKG_LICENSE:=MIT From e65aed298cf1bca8901dc5843156368fd5bccbc4 Mon Sep 17 00:00:00 2001 From: Jianhui Zhao Date: Sun, 8 Oct 2023 16:20:08 +0800 Subject: [PATCH 44/54] lua-eco: update to 3.0.1 Signed-off-by: Jianhui Zhao --- lang/lua-eco/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/lua-eco/Makefile b/lang/lua-eco/Makefile index 4649474af9..95b9fd38f8 100644 --- a/lang/lua-eco/Makefile +++ b/lang/lua-eco/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lua-eco -PKG_VERSION:=3.0.0 +PKG_VERSION:=3.0.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL=https://github.com/zhaojh329/lua-eco/releases/download/v$(PKG_VERSION) -PKG_HASH:=530b179af2283b7a1983643794f3b6de936317fe3c23a9dca4f7828dec6f7e46 +PKG_HASH:=96f008932e319739df2fe99dc1cba7e9a1a389015a4b96ad0f63d95bb6422b09 PKG_MAINTAINER:=Jianhui Zhao PKG_LICENSE:=MIT From 3e9b2d85f04c770a5f3e8bdc3065467ef976dea4 Mon Sep 17 00:00:00 2001 From: Glenn Strauss Date: Sat, 7 Oct 2023 02:24:55 -0400 Subject: [PATCH 45/54] lighttpd: update to lighttpd 1.4.72 release hash Signed-off-by: Glenn Strauss --- net/lighttpd/Makefile | 4 ++-- net/lighttpd/patches/020-meson-mod_webdav_min.patch | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/net/lighttpd/Makefile b/net/lighttpd/Makefile index cd1950cea2..e04350b7ff 100644 --- a/net/lighttpd/Makefile +++ b/net/lighttpd/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lighttpd -PKG_VERSION:=1.4.71 +PKG_VERSION:=1.4.72 PKG_RELEASE:=1 # release candidate ~rcX testing; remove for release #PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://download.lighttpd.net/lighttpd/releases-1.4.x -PKG_HASH:=b8b6915da20396fdc354df3324d5e440169b2e5ea7859e3a775213841325afac +PKG_HASH:=f7cade4d69b754a0748c01463c33cd8b456ca9cc03bb09e85a71bcbcd54e55ec PKG_MAINTAINER:=W. Michael Petullo PKG_LICENSE:=BSD-3-Clause diff --git a/net/lighttpd/patches/020-meson-mod_webdav_min.patch b/net/lighttpd/patches/020-meson-mod_webdav_min.patch index 774eb60e4c..d165618744 100644 --- a/net/lighttpd/patches/020-meson-mod_webdav_min.patch +++ b/net/lighttpd/patches/020-meson-mod_webdav_min.patch @@ -9,7 +9,7 @@ Subject: [PATCH] [meson] mod_webdav_min w/o deps: xml2 sqlite3 uuid --- a/src/meson.build +++ b/src/meson.build -@@ -876,6 +876,16 @@ if libsasl.found() +@@ -877,6 +877,16 @@ if libsasl.found() ] endif From 597df3585fae16ac1e8a64b839c7159a907e70af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nuno=20Gon=C3=A7alves?= Date: Tue, 20 Jun 2023 16:54:16 +0100 Subject: [PATCH 46/54] esp2net: add Espressif ESP chip USB-Network proxy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Nuno Gonçalves --- net/esp2net/Makefile | 48 ++++++++++++++++++++++++++++++++ net/esp2net/files/esp2net.config | 4 +++ net/esp2net/files/esp2net.init | 32 +++++++++++++++++++++ 3 files changed, 84 insertions(+) create mode 100644 net/esp2net/Makefile create mode 100644 net/esp2net/files/esp2net.config create mode 100755 net/esp2net/files/esp2net.init diff --git a/net/esp2net/Makefile b/net/esp2net/Makefile new file mode 100644 index 0000000000..8e0dcbeac1 --- /dev/null +++ b/net/esp2net/Makefile @@ -0,0 +1,48 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=esp2net +PKG_RELEASE:=1 + +PKG_LICENSE:=GPL-2.0-only +PKG_MAINTAINER:=Nuno Gonçalves + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL=https://github.com/nunojpg/esp2net.git +PKG_SOURCE_DATE:=2023-06-20 +PKG_SOURCE_VERSION:=be514c7a50bd8f3aac146ba267856d66cad1abd9 +PKG_MIRROR_HASH:=bb2d180887c14ee3e6bec51ccaae195274a09e4be108a7e69e2126df5245c0b7 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/esp2net + SECTION:=net + CATEGORY:=Network + TITLE:=Espressif ESP chip network monitor and flash proxy + DEPENDS:=+libstdcpp +endef + +define Package/esp2net/description + Allows to flash a Espressif chip connected to this device. + The functionality is identical to "esp_rfc2217_server.py" but without Python. + Typically you want also to install one or more USB serial drivers: + * kmod-usb-serial-cp210x + * kmod-usb-serial-ftdi + * kmod-usb-serial-ch341 + * kmod-usb-acm +endef + +define Package/esp2net/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/esp2net $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/esp2net.init $(1)/etc/init.d/esp2net + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) ./files/esp2net.config $(1)/etc/config/esp2net +endef + +define Package/esp2net/conffiles +/etc/config/esp2net +endef + +$(eval $(call BuildPackage,esp2net)) diff --git a/net/esp2net/files/esp2net.config b/net/esp2net/files/esp2net.config new file mode 100644 index 0000000000..1059f2bb1e --- /dev/null +++ b/net/esp2net/files/esp2net.config @@ -0,0 +1,4 @@ +config esp2net + option uart '/dev/ttyUSB0' + option port '5001' + option disabled 1 diff --git a/net/esp2net/files/esp2net.init b/net/esp2net/files/esp2net.init new file mode 100755 index 0000000000..437923f852 --- /dev/null +++ b/net/esp2net/files/esp2net.init @@ -0,0 +1,32 @@ +#!/bin/sh /etc/rc.common + +USE_PROCD=1 + +START=95 +STOP=01 + +CONFIGURATION=esp2net +SECTION=esp2net + +parse_esp2net() +{ + local uart + local port + local disabled + config_get uart "${1}" uart + config_get port "${1}" port + config_get_bool disabled "${1}" disabled 0 + [ "$disabled" -eq 1 ] && return; + procd_open_instance + procd_set_param respawn 3600 5 5 + procd_set_param command /usr/sbin/esp2net "$uart" "$port" + procd_set_param file /etc/config/esp2net + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_close_instance +} + +start_service() { + config_load "${CONFIGURATION}" + config_foreach parse_esp2net "${SECTION}" +} From 58558c8834403be8438b2fb62566c87c72bff980 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Sat, 7 Oct 2023 15:26:07 +0300 Subject: [PATCH 47/54] kea: bump to 2.2.1 Signed-off-by: Stijn Tintel --- net/kea/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/kea/Makefile b/net/kea/Makefile index 1febb30469..2909346370 100644 --- a/net/kea/Makefile +++ b/net/kea/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=kea -PKG_VERSION:=2.2.0 +PKG_VERSION:=2.2.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://ftp.isc.org/isc/kea/$(PKG_VERSION) -PKG_HASH:=da7d90ca62a772602dac6e77e507319038422895ad68eeb142f1487d67d531d2 +PKG_HASH:=bd2555b48b4dcda08097b12695e53227c6a23c6901018fc31b79d409c998c181 PKG_MAINTAINER:=BangLang Huang , Rosy Song PKG_LICENSE:=MPL-2.0 From af48372e3740713595a07330316276259162edf6 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Sun, 8 Oct 2023 01:47:09 +0300 Subject: [PATCH 48/54] kea: bump to 2.4.0 Signed-off-by: Stijn Tintel --- net/kea/Makefile | 4 +- net/kea/patches/003-no-test-compile.patch | 88 ++++++++++++++++++----- 2 files changed, 74 insertions(+), 18 deletions(-) diff --git a/net/kea/Makefile b/net/kea/Makefile index 2909346370..c44c088e80 100644 --- a/net/kea/Makefile +++ b/net/kea/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=kea -PKG_VERSION:=2.2.1 +PKG_VERSION:=2.4.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://ftp.isc.org/isc/kea/$(PKG_VERSION) -PKG_HASH:=bd2555b48b4dcda08097b12695e53227c6a23c6901018fc31b79d409c998c181 +PKG_HASH:=3a33cd08dc3319ff544e6bbf2c0429042106f4051ebe115dc1bb2625c95003f7 PKG_MAINTAINER:=BangLang Huang , Rosy Song PKG_LICENSE:=MPL-2.0 diff --git a/net/kea/patches/003-no-test-compile.patch b/net/kea/patches/003-no-test-compile.patch index 709e534c65..d22badf04a 100644 --- a/net/kea/patches/003-no-test-compile.patch +++ b/net/kea/patches/003-no-test-compile.patch @@ -76,8 +76,8 @@ -SUBDIRS = . tests +SUBDIRS = . - PYTHON_PREFIX=@prefix@ - PYTHON_EXEC_PREFIX=@prefix@ + pkgpython_PYTHON = kea_conn.py kea_connector3.py + --- a/src/hooks/dhcp/high_availability/Makefile.am +++ b/src/hooks/dhcp/high_availability/Makefile.am @@ -1,4 +1,4 @@ @@ -89,16 +89,16 @@ --- a/src/hooks/dhcp/lease_cmds/Makefile.am +++ b/src/hooks/dhcp/lease_cmds/Makefile.am @@ -1,4 +1,4 @@ --SUBDIRS = . tests -+SUBDIRS = . +-SUBDIRS = . tests libloadtests ++SUBDIRS = . libloadtests AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib AM_CPPFLAGS += $(BOOST_INCLUDES) --- a/src/hooks/dhcp/stat_cmds/Makefile.am +++ b/src/hooks/dhcp/stat_cmds/Makefile.am @@ -1,4 +1,4 @@ --SUBDIRS = . tests -+SUBDIRS = . +-SUBDIRS = . tests libloadtests ++SUBDIRS = . libloadtests AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib AM_CPPFLAGS += $(BOOST_INCLUDES) @@ -134,14 +134,6 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib AM_CPPFLAGS += $(BOOST_INCLUDES) ---- a/src/lib/cfgrpt/Makefile.am -+++ b/src/lib/cfgrpt/Makefile.am -@@ -1,4 +1,4 @@ --SUBDIRS = . tests -+SUBDIRS = . - - AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib - AM_CXXFLAGS = $(KEA_CXXFLAGS) --- a/src/lib/config/Makefile.am +++ b/src/lib/config/Makefile.am @@ -1,4 +1,4 @@ @@ -277,8 +269,8 @@ --- a/src/lib/process/Makefile.am +++ b/src/lib/process/Makefile.am @@ -1,4 +1,4 @@ --SUBDIRS = . testutils tests -+SUBDIRS = . +-SUBDIRS = cfgrpt . testutils tests ++SUBDIRS = cfgrpt . testutils # DATA_DIR is the directory where to put PID files. dhcp_data_dir = @runstatedir@/@PACKAGE@ AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib @@ -308,3 +300,67 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib AM_CPPFLAGS += $(BOOST_INCLUDES) +--- a/src/hooks/dhcp/bootp/Makefile.am ++++ b/src/hooks/dhcp/bootp/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . tests libloadtests ++SUBDIRS = . libloadtests + + AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) +--- a/src/hooks/dhcp/flex_option/Makefile.am ++++ b/src/hooks/dhcp/flex_option/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . libloadtests tests ++SUBDIRS = . libloadtests + + AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) +--- a/src/hooks/dhcp/mysql_cb/Makefile.am ++++ b/src/hooks/dhcp/mysql_cb/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . tests libloadtests ++SUBDIRS = . libloadtests + + AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) $(MYSQL_CPPFLAGS) +--- a/src/hooks/dhcp/pgsql_cb/Makefile.am ++++ b/src/hooks/dhcp/pgsql_cb/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . tests libloadtests ++SUBDIRS = . libloadtests + + AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) $(PGSQL_CPPFLAGS) +--- a/src/hooks/dhcp/run_script/Makefile.am ++++ b/src/hooks/dhcp/run_script/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . libloadtests tests ++SUBDIRS = . libloadtests + + AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) +--- a/src/lib/d2srv/Makefile.am ++++ b/src/lib/d2srv/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . testutils tests ++SUBDIRS = . testutils + + AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) +--- a/src/lib/process/cfgrpt/Makefile.am ++++ b/src/lib/process/cfgrpt/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . tests ++SUBDIRS = . + + AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib + AM_CXXFLAGS = $(KEA_CXXFLAGS) +--- a/src/lib/tcp/Makefile.am ++++ b/src/lib/tcp/Makefile.am +@@ -1,4 +1,4 @@ +-SUBDIRS = . tests ++SUBDIRS = . + + AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib + AM_CPPFLAGS += $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES) From bf7ce353b8af9a36411525306abcde23e860e76d Mon Sep 17 00:00:00 2001 From: Leo Douglas Date: Fri, 29 Sep 2023 19:38:04 +0800 Subject: [PATCH 49/54] sing-box: update to v1.5.2 * Enable `with_ech` and `with_dhcp`, just like upstream * See changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.5.2 Signed-off-by: Leo Douglas sing-box: ShadowsocksR is marked as deprecated since v1.5.0 Signed-off-by: Leo Douglas sing-box: remove dhcp by default Signed-off-by: Leo Douglas --- net/sing-box/Makefile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/net/sing-box/Makefile b/net/sing-box/Makefile index dd3b3b0267..20a7c6dd0c 100644 --- a/net/sing-box/Makefile +++ b/net/sing-box/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sing-box -PKG_VERSION:=1.4.3 +PKG_VERSION:=1.5.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=baf7c87f2e5005bf268975b1a2511f30927210b1607f20451fec2de0044edfa8 +PKG_HASH:=ad344a5fe0a515e3e5d0ab8102482b4a3d38932cf754756e1d48db17d36a5609 PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=LICENSE @@ -54,6 +54,7 @@ define Package/sing-box/config config SINGBOX_WITH_ECH bool "Build with TLS ECH extension support for TLS outbound" + default y config SINGBOX_WITH_EMBEDDED_TOR bool "Build with embedded Tor support" @@ -78,6 +79,8 @@ define Package/sing-box/config config SINGBOX_WITH_SHADOWSOCKSR bool "Build with ShadowsocksR support" + help + It will be marked deprecated in 1.5.0 and removed entirely in 1.6.0. config SINGBOX_WITH_UTLS bool "Build with uTLS support for TLS outbound" From ff93e4a19d9e9957b61f4a214399cfc87f9c7648 Mon Sep 17 00:00:00 2001 From: Oskari Rauta Date: Sun, 8 Oct 2023 17:51:50 +0300 Subject: [PATCH 50/54] cni-protocol: update protocol Changes to protocol file and it's description. Works better now and restarts firewall automaticly when tunnel comes available. More informative/guiding description. Signed-off-by: Oskari Rauta --- net/cni-protocol/Makefile | 51 ++++++++++++++++++++++++----------- net/cni-protocol/files/cni.sh | 44 ++++++++++++++++++++---------- 2 files changed, 65 insertions(+), 30 deletions(-) diff --git a/net/cni-protocol/Makefile b/net/cni-protocol/Makefile index dbe1498753..3711452b76 100644 --- a/net/cni-protocol/Makefile +++ b/net/cni-protocol/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cni-protocol -PKG_VERSION:=20230217 +PKG_VERSION:=20231008 PKG_RELEASE:=1 PKG_MAINTAINER:=Oskari Rauta @@ -16,25 +16,44 @@ define Package/cni-protocol endef define Package/cni-protocol/description - protocol support for cni networks for netifd - makes defining network for podman and other similar - systems using cni networking much easier and simpler. + protocol support for netavark/cni networks for netifd + makes defining networks for podman and other similar + systems easier and simple. - with cni protocol support, on a network, where firewall - and portmapper management is disabled, you may control - firewalling with openwrt's default firewall configuration. + with protocol, a network where firewall and portmapper + management is disabled, control of firewalling, whether + it was exposing ports, and forwarding to them from wan, + or limiting/accepting access to other networks such + as lan can made through openwrt's own firewalling + configuration. - for example, create a container that hosts web content on - port 80 with static ip on your cni network, if your - network is 10.88.0.0/16, use for eg. 10.88.0.101 as - your containers static ip address. Create a zone, cni - to your firewall and add your interface to it. + example configuration could be as following: + - lan network: 10.0.0.0/16 (255.255.0.0) + - container network: 10.129.0.1/24 (255.255.255.0) - Now you can easily set up redirectiong to 10.88.0.101:80 - to expose it's port 80 to wan for serving your website. + Add a network configuration for your container network + using cni protocol. Then create firewall zone for it. - Protocol has one setting: device, on podman this often - is cni-podman0. + You could create a new container/pod with static ip + address 10.129.0.2 (as 10.129.0.1 as container network's + gateway). + + Easily define permissions so that local networks can + connect to cni network, but not the other way around. + Also you want to allow forwarding from/to wan. + + Now, as cni cannot access local dns, make a rule for + your firewall to accept connections from cni network + to port 53 (dns). + + Now all you have to do, is make redirects to your firewall + and point them to 10.129.0.2 and connections from wan are + redirectered to containers/pods. + + Protocol has 2 settings: device and delay. Sometimes polling + interfaces takes some time, and in that case you might want + to add few seconds to delay. Otherwise, it can be excluded + from configuration. endef define Build/Configure diff --git a/net/cni-protocol/files/cni.sh b/net/cni-protocol/files/cni.sh index c0cbc3b723..73a37112dc 100755 --- a/net/cni-protocol/files/cni.sh +++ b/net/cni-protocol/files/cni.sh @@ -9,33 +9,50 @@ proto_cni_init_config() { no_device=0 available=0 - no_proto_task=1 - teardown_on_l3_link_down=1 proto_config_add_string "device:device" + proto_config_add_int "delay" } proto_cni_setup() { - local cfg="$1" - local device ipaddr netmask broadcast route routemask routesrc + local iface="$2" + local device delay + + json_get_vars device delay + + [ -n "$device" ] || { + echo "No cni interface specified" + proto_notify_error "$cfg" NO_DEVICE + proto_set_available "$cfg" 0 + return 1 + } + + [ -n "$delay" ] && sleep "$delay" + + [ -L "/sys/class/net/${iface}" ] || { + echo "The specified interface $iface is not present" + proto_notify_error "$cfg" NO_DEVICE + proto_set_available "$cfg" 0 + return 1 + } - json_get_var device device + local ipaddr netmask broadcast route routemask routesrc - ipaddr=$(ip -4 -o a show "$device" | awk '{ print $4 }' | cut -d '/' -f1) - netmask=$(ip -4 -o a show "$device" | awk '{ print $4 }' | cut -d '/' -f2) - broadcast=$(ip -4 -o a show "$device" | awk '{ print $6 }') - route=$(ip -4 -o r show dev "$device" | awk '{ print $1 }' | cut -d '/' -f1) - routemask=$(ip -4 -o r show dev "$device" | awk '{ print $1 }' | cut -d '/' -f2) - routesrc=$(ip -4 -o r show dev "$device" | awk '{ print $7 }') + ipaddr=$(ip -4 -o a show "$iface" | awk '{ print $4 }' | cut -d '/' -f1) + netmask=$(ip -4 -o a show "$iface" | awk '{ print $4 }' | cut -d '/' -f2) + broadcast=$(ip -4 -o a show "$iface" | awk '{ print $6 }') + route=$(ip -4 -o r show dev "$iface" | awk '{ print $1 }' | cut -d '/' -f1) + routemask=$(ip -4 -o r show dev "$iface" | awk '{ print $1 }' | cut -d '/' -f2) + routesrc=$(ip -4 -o r show dev "$iface" | awk '{ print $7 }') [ -z "$ipaddr" ] && { - echo "cni network $cfg does not have ip address" + echo "interface $iface does not have ip address" proto_notify_error "$cfg" NO_IPADDRESS return 1 } - proto_init_update "$device" 1 + proto_init_update "$iface" 1 [ -n "$ipaddr" ] && proto_add_ipv4_address "$ipaddr" "$netmask" "$broadcast" "" [ -n "$route" ] && proto_add_ipv4_route "$route" "$routemask" "" "$routesrc" "" proto_send_update "$cfg" @@ -43,7 +60,6 @@ proto_cni_setup() { proto_cni_teardown() { local cfg="$1" - #proto_set_available "$cfg" 0 return 0 } From 5cd966ca4f44f9c98fe036cc4fd4933b695762bf Mon Sep 17 00:00:00 2001 From: Zephyr Lykos Date: Fri, 6 Oct 2023 18:55:02 +0800 Subject: [PATCH 51/54] tailscale: Update to 1.50.1 https://github.com/tailscale/tailscale/releases/tag/v1.50.1 Signed-off-by: Zephyr Lykos --- net/tailscale/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/tailscale/Makefile b/net/tailscale/Makefile index 64360168a2..d787ee25d6 100644 --- a/net/tailscale/Makefile +++ b/net/tailscale/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tailscale -PKG_VERSION:=1.50.0 +PKG_VERSION:=1.50.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/tailscale/tailscale/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=a7e024577854c07b793c4bbd81a497250e6a1b4536e303351a388810f13b7316 +PKG_HASH:=183a7d559590a759dd77aa9c2b65486ab6e13c26f3c07fad0b536e318ad5e233 PKG_MAINTAINER:=Jan Pavlinec PKG_LICENSE:=BSD-3-Clause From b1fc3754b3969edc9dca2f1fd5129edbd0a76517 Mon Sep 17 00:00:00 2001 From: Kaveh Dadgar Date: Sat, 7 Oct 2023 21:44:02 +0200 Subject: [PATCH 52/54] v2ray-geodata: add package v2ray-geosite-ir "Iran Hosted Domains" is a comprehensive list of Iranian domains and services that are hosted within the country. Signed-off-by: Kaveh Dadgar --- net/v2ray-geodata/Makefile | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/net/v2ray-geodata/Makefile b/net/v2ray-geodata/Makefile index 9cc4d32654..1ce0b2e732 100644 --- a/net/v2ray-geodata/Makefile +++ b/net/v2ray-geodata/Makefile @@ -30,6 +30,15 @@ define Download/geosite HASH:=d393deda756a446ec5247730ef09fed80ba9fb8d9204d1263c45a3604435fe57 endef +GEOSITE_IRAN_VER:=202309250024 +GEOSITE_IRAN_FILE:=iran.dat.$(GEOSITE_IRAN_VER) +define Download/geosite-ir + URL:=https://github.com/bootmortis/iran-hosted-domains/releases/download/$(GEOSITE_IRAN_VER)/ + URL_FILE:=iran.dat + FILE:=$(GEOSITE_IRAN_FILE) + HASH:=1eccf6e1514ceb338a91da0c938d62a0e0c1e1aee12f8d479fafcdadace5625a +endef + define Package/v2ray-geodata/template SECTION:=net CATEGORY:=Network @@ -54,6 +63,14 @@ define Package/v2ray-geosite LICENSE:=MIT endef +define Package/v2ray-geosite-ir + $(call Package/v2ray-geodata/template) + TITLE:=Iran Geosite List for V2Ray + PROVIDES:=xray-geosite-ir + VERSION:=$(GEOSITE_IRAN_VER)-$(PKG_RELEASE) + LICENSE:=MIT +endef + define Build/Prepare $(call Build/Prepare/Default) ifneq ($(CONFIG_PACKAGE_v2ray-geoip),) @@ -62,6 +79,9 @@ endif ifneq ($(CONFIG_PACKAGE_v2ray-geosite),) $(call Download,geosite) endif +ifneq ($(CONFIG_PACKAGE_v2ray-geosite-ir),) + $(call Download,geosite-ir) +endif endef define Build/Compile @@ -79,5 +99,12 @@ define Package/v2ray-geosite/install $(LN) ../v2ray/geosite.dat $(1)/usr/share/xray/geosite.dat endef +define Package/v2ray-geosite-ir/install + $(INSTALL_DIR) $(1)/usr/share/v2ray $(1)/usr/share/xray + $(INSTALL_DATA) $(DL_DIR)/$(GEOSITE_IRAN_FILE) $(1)/usr/share/v2ray/iran.dat + $(LN) ../v2ray/iran.dat $(1)/usr/share/xray/iran.dat +endef + $(eval $(call BuildPackage,v2ray-geoip)) $(eval $(call BuildPackage,v2ray-geosite)) +$(eval $(call BuildPackage,v2ray-geosite-ir)) From 02b723bec3c17567edf60e6bf8012834c49a7270 Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Sat, 7 Oct 2023 12:51:06 +0800 Subject: [PATCH 53/54] v2ray-core: Update to 5.8.0 Removed upstreamed patches. Signed-off-by: Tianling Shen --- net/v2ray-core/Makefile | 6 +- ...ould-not-have-http-1.1-and-h2-ALPNs-.patch | 38 -- .../002-Migrate-to-quic-go-v0.36.0-2561.patch | 611 ------------------ ...n-dns-over-quic-when-address-is-a-ip.patch | 29 - ...-in-qtls-cipher-suite-implementation.patch | 109 ---- .../010-chore-go-update-dependencies.patch | 40 -- 6 files changed, 3 insertions(+), 830 deletions(-) delete mode 100644 net/v2ray-core/patches/001-DNS-over-QUIC-should-not-have-http-1.1-and-h2-ALPNs-.patch delete mode 100644 net/v2ray-core/patches/002-Migrate-to-quic-go-v0.36.0-2561.patch delete mode 100644 net/v2ray-core/patches/003-fix-panic-in-dns-over-quic-when-address-is-a-ip.patch delete mode 100644 net/v2ray-core/patches/004-feat-bulit-in-qtls-cipher-suite-implementation.patch delete mode 100644 net/v2ray-core/patches/010-chore-go-update-dependencies.patch diff --git a/net/v2ray-core/Makefile b/net/v2ray-core/Makefile index 7609253b08..60084a7df6 100644 --- a/net/v2ray-core/Makefile +++ b/net/v2ray-core/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=v2ray-core -PKG_VERSION:=5.7.0 -PKG_RELEASE:=2 +PKG_VERSION:=5.8.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/v2fly/v2ray-core/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=599fcd264537e39178b6008a11af68816dfd1609e19a9cf8adc8b2a4240ee370 +PKG_HASH:=340798554d2c7f0e5fb719f9d9dd6a667dfe93ccdd3b1d653c3a3bdb04ed2d00 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE diff --git a/net/v2ray-core/patches/001-DNS-over-QUIC-should-not-have-http-1.1-and-h2-ALPNs-.patch b/net/v2ray-core/patches/001-DNS-over-QUIC-should-not-have-http-1.1-and-h2-ALPNs-.patch deleted file mode 100644 index 141004beb4..0000000000 --- a/net/v2ray-core/patches/001-DNS-over-QUIC-should-not-have-http-1.1-and-h2-ALPNs-.patch +++ /dev/null @@ -1,38 +0,0 @@ -From cd9f183fa836caba816ee73d486dda507a4e9c56 Mon Sep 17 00:00:00 2001 -From: dyhkwong <50692134+dyhkwong@users.noreply.github.com> -Date: Wed, 28 Jun 2023 14:28:23 +0800 -Subject: [PATCH] DNS over QUIC should not have "http/1.1" and "h2" ALPNs - (#2570) - ---- - app/dns/nameserver_quic.go | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - ---- a/app/dns/nameserver_quic.go -+++ b/app/dns/nameserver_quic.go -@@ -11,7 +11,6 @@ import ( - - "github.com/quic-go/quic-go" - "golang.org/x/net/dns/dnsmessage" -- "golang.org/x/net/http2" - - "github.com/v2fly/v2ray-core/v5/common" - "github.com/v2fly/v2ray-core/v5/common/buf" -@@ -25,7 +24,7 @@ import ( - ) - - // NextProtoDQ - During connection establishment, DNS/QUIC support is indicated --// by selecting the ALPN token "dq" in the crypto handshake. -+// by selecting the ALPN token "doq" in the crypto handshake. - const NextProtoDQ = "doq" - - const handshakeIdleTimeout = time.Second * 8 -@@ -383,7 +382,7 @@ func (s *QUICNameServer) openConnection( - HandshakeIdleTimeout: handshakeIdleTimeout, - } - -- conn, err := quic.DialAddrContext(ctx, s.destination.NetAddr(), tlsConfig.GetTLSConfig(tls.WithNextProto("http/1.1", http2.NextProtoTLS, NextProtoDQ)), quicConfig) -+ conn, err := quic.DialAddrContext(ctx, s.destination.NetAddr(), tlsConfig.GetTLSConfig(tls.WithNextProto(NextProtoDQ)), quicConfig) - if err != nil { - return nil, err - } diff --git a/net/v2ray-core/patches/002-Migrate-to-quic-go-v0.36.0-2561.patch b/net/v2ray-core/patches/002-Migrate-to-quic-go-v0.36.0-2561.patch deleted file mode 100644 index 3603e93d2d..0000000000 --- a/net/v2ray-core/patches/002-Migrate-to-quic-go-v0.36.0-2561.patch +++ /dev/null @@ -1,611 +0,0 @@ -From e102d52e7c5485abf0a3d1612078ee4b2d4e9539 Mon Sep 17 00:00:00 2001 -From: Tim Xylon -Date: Sat, 1 Jul 2023 15:31:19 +0800 -Subject: [PATCH] Migrate to quic-go v0.36.0 (#2561) - ---- - app/dns/nameserver_quic.go | 6 +- - go.mod | 72 ++++++------ - go.sum | 176 ++++++++++++++++-------------- - transport/internet/quic/dialer.go | 8 +- - transport/internet/quic/hub.go | 10 +- - 5 files changed, 146 insertions(+), 126 deletions(-) - ---- a/app/dns/nameserver_quic.go -+++ b/app/dns/nameserver_quic.go -@@ -377,12 +377,14 @@ func (s *QUICNameServer) getConnection(c - } - - func (s *QUICNameServer) openConnection(ctx context.Context) (quic.Connection, error) { -- tlsConfig := tls.Config{} -+ tlsConfig := tls.Config{ -+ ServerName: s.destination.Address.Domain(), -+ } - quicConfig := &quic.Config{ - HandshakeIdleTimeout: handshakeIdleTimeout, - } - -- conn, err := quic.DialAddrContext(ctx, s.destination.NetAddr(), tlsConfig.GetTLSConfig(tls.WithNextProto(NextProtoDQ)), quicConfig) -+ conn, err := quic.DialAddr(ctx, s.destination.NetAddr(), tlsConfig.GetTLSConfig(tls.WithNextProto(NextProtoDQ)), quicConfig) - if err != nil { - return nil, err - } ---- a/go.mod -+++ b/go.mod -@@ -6,34 +6,34 @@ require ( - github.com/adrg/xdg v0.4.0 - github.com/go-chi/chi/v5 v5.0.8 - github.com/go-chi/render v1.0.2 -- github.com/go-playground/validator/v10 v10.11.2 -+ github.com/go-playground/validator/v10 v10.14.1 - github.com/golang/mock v1.6.0 -- github.com/golang/protobuf v1.5.2 -+ github.com/golang/protobuf v1.5.3 - github.com/google/go-cmp v0.5.9 - github.com/gorilla/websocket v1.5.0 -- github.com/jhump/protoreflect v1.15.0 -- github.com/miekg/dns v1.1.51 -+ github.com/jhump/protoreflect v1.15.1 -+ github.com/miekg/dns v1.1.54 - github.com/mustafaturan/bus v1.0.2 - github.com/pelletier/go-toml v1.9.5 -- github.com/pires/go-proxyproto v0.6.2 -+ github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/qtls-go1-19 v0.3.2 - github.com/quic-go/qtls-go1-20 v0.2.2 -- github.com/quic-go/quic-go v0.33.0 -+ github.com/quic-go/quic-go v0.36.0 - github.com/refraction-networking/utls v1.3.2 - github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb -- github.com/stretchr/testify v1.8.2 -+ github.com/stretchr/testify v1.8.4 - github.com/v2fly/BrowserBridge v0.0.0-20210430233438-0570fc1d7d08 - github.com/v2fly/VSign v0.0.0-20201108000810-e2adc24bf848 - github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e - github.com/xiaokangwang/VLite v0.0.0-20220418190619-cff95160a432 -- go.starlark.net v0.0.0-20220817180228-f738f5508c12 -- go4.org/netipx v0.0.0-20220812043211-3cc044ffd68d -- golang.org/x/crypto v0.6.0 -- golang.org/x/net v0.7.0 -- golang.org/x/sync v0.1.0 -- golang.org/x/sys v0.5.0 -- google.golang.org/grpc v1.53.0 -- google.golang.org/protobuf v1.28.2-0.20220831092852-f930b1dc76e8 -+ go.starlark.net v0.0.0-20230612165344-9532f5667272 -+ go4.org/netipx v0.0.0-20230303233057-f1b76eb4bb35 -+ golang.org/x/crypto v0.9.0 -+ golang.org/x/net v0.10.0 -+ golang.org/x/sync v0.2.0 -+ golang.org/x/sys v0.9.0 -+ google.golang.org/grpc v1.55.0 -+ google.golang.org/protobuf v1.31.0 - gopkg.in/yaml.v3 v3.0.1 - h12.io/socks v1.0.3 - ) -@@ -41,38 +41,38 @@ require ( - require ( - github.com/aead/cmac v0.0.0-20160719120800-7af84192f0b1 // indirect - github.com/ajg/form v1.5.1 // indirect -- github.com/andybalholm/brotli v1.0.4 // indirect -+ github.com/andybalholm/brotli v1.0.5 // indirect - github.com/boljen/go-bitmap v0.0.0-20151001105940-23cd2fb0ce7d // indirect -- github.com/bufbuild/protocompile v0.2.1-0.20230123224550-da57cd758c2f // indirect -+ github.com/bufbuild/protocompile v0.5.1 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect -- github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165 // indirect -+ github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 // indirect - github.com/ebfe/bcrypt_pbkdf v0.0.0-20140212075826-3c8d2dcb253a // indirect -+ github.com/gabriel-vasile/mimetype v1.4.2 // indirect - github.com/gaukas/godicttls v0.0.3 // indirect - github.com/go-playground/locales v0.14.1 // indirect - github.com/go-playground/universal-translator v0.18.1 // indirect -- github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect -- github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect -- github.com/klauspost/compress v1.15.15 // indirect -- github.com/klauspost/cpuid v1.2.3 // indirect -- github.com/klauspost/reedsolomon v1.9.3 // indirect -- github.com/leodido/go-urn v1.2.1 // indirect -+ github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect -+ github.com/google/pprof v0.0.0-20230602150820-91b7bce49751 // indirect -+ github.com/klauspost/compress v1.16.5 // indirect -+ github.com/klauspost/cpuid/v2 v2.2.5 // indirect -+ github.com/klauspost/reedsolomon v1.11.7 // indirect -+ github.com/leodido/go-urn v1.2.4 // indirect - github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40 // indirect - github.com/mustafaturan/monoton v1.0.0 // indirect -- github.com/onsi/ginkgo/v2 v2.2.0 // indirect -+ github.com/onsi/ginkgo/v2 v2.10.0 // indirect - github.com/patrickmn/go-cache v2.1.0+incompatible // indirect -- github.com/pion/dtls/v2 v2.2.4 // indirect -+ github.com/pion/dtls/v2 v2.2.7 // indirect - github.com/pion/logging v0.2.2 // indirect -- github.com/pion/sctp v1.7.6 // indirect -- github.com/pion/transport/v2 v2.0.0 // indirect -- github.com/pion/udp v0.1.4 // indirect -- github.com/pkg/errors v0.9.1 // indirect -+ github.com/pion/randutil v0.1.0 // indirect -+ github.com/pion/sctp v1.8.7 // indirect -+ github.com/pion/transport/v2 v2.2.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect - github.com/secure-io/siv-go v0.0.0-20180922214919-5ff40651e2c4 // indirect -- github.com/xtaci/smux v1.5.15 // indirect -- golang.org/x/exp v0.0.0-20221205204356-47842c84f3db // indirect -- golang.org/x/mod v0.7.0 // indirect -- golang.org/x/text v0.7.0 // indirect -- golang.org/x/tools v0.3.0 // indirect -- google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect -+ github.com/xtaci/smux v1.5.24 // indirect -+ golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect -+ golang.org/x/mod v0.10.0 // indirect -+ golang.org/x/text v0.10.0 // indirect -+ golang.org/x/tools v0.9.3 // indirect -+ google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect - ) ---- a/go.sum -+++ b/go.sum -@@ -23,8 +23,8 @@ github.com/ajg/form v1.5.1 h1:t9c7v8JUKu - github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= - github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= - github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= --github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY= --github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= -+github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs= -+github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= - github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= - github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= - github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -@@ -34,8 +34,8 @@ github.com/bgentry/speakeasy v0.1.0/go.m - github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= - github.com/boljen/go-bitmap v0.0.0-20151001105940-23cd2fb0ce7d h1:zsO4lp+bjv5XvPTF58Vq+qgmZEYZttJK+CWtSZhKenI= - github.com/boljen/go-bitmap v0.0.0-20151001105940-23cd2fb0ce7d/go.mod h1:f1iKL6ZhUWvbk7PdWVmOaak10o86cqMUYEmn1CZNGEI= --github.com/bufbuild/protocompile v0.2.1-0.20230123224550-da57cd758c2f h1:IXSA5gow10s7zIOJfPOpXDtNBWCTA0715BDAhoJBXEs= --github.com/bufbuild/protocompile v0.2.1-0.20230123224550-da57cd758c2f/go.mod h1:tleDrpPTlLUVmgnEoN6qBliKWqJaZFJXqZdFjTd+ocU= -+github.com/bufbuild/protocompile v0.5.1 h1:mixz5lJX4Hiz4FpqFREJHIXLfaLBntfaJv1h+/jS+Qg= -+github.com/bufbuild/protocompile v0.5.1/go.mod h1:G5iLmavmF4NsYtpZFvE3B/zFch2GIY8+wjsYLR/lc40= - github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= - github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= - github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -@@ -53,8 +53,9 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9 - github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= - github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= - github.com/dgryski/go-metro v0.0.0-20180109044635-280f6062b5bc/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw= --github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165 h1:BS21ZUJ/B5X2UVUbczfmdWH7GapPWAhxcMsDnjJTU1E= - github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw= -+github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 h1:y7y0Oa6UawqTFPCDw9JG6pdKt4F9pAhHv0B7FMGaGD0= -+github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw= - github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= - github.com/ebfe/bcrypt_pbkdf v0.0.0-20140212075826-3c8d2dcb253a h1:YtdtTUN1iH97s+6PUjLnaiKSQj4oG1/EZ3N9bx6g4kU= - github.com/ebfe/bcrypt_pbkdf v0.0.0-20140212075826-3c8d2dcb253a/go.mod h1:/CZpbhAusDOobpcb9yubw46kdYjq0zRC0Wpg9a9zFQM= -@@ -63,6 +64,8 @@ github.com/envoyproxy/protoc-gen-validat - github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= - github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= - github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -+github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= -+github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= - github.com/gaukas/godicttls v0.0.3 h1:YNDIf0d9adcxOijiLrEzpfZGAkNwLRzPaG6OjU7EITk= - github.com/gaukas/godicttls v0.0.3/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI= - github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -@@ -74,16 +77,17 @@ github.com/go-gl/glfw v0.0.0-20190409004 - github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= - github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= - github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -+github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= - github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= - github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= - github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= - github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= - github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= --github.com/go-playground/validator/v10 v10.11.2 h1:q3SHpufmypg+erIExEKUmsgmhDTyhcJ38oeKGACXohU= --github.com/go-playground/validator/v10 v10.11.2/go.mod h1:NieE624vt4SCTJtD87arVLvdmjPAeV8BQlHtMnw9D7s= -+github.com/go-playground/validator/v10 v10.14.1 h1:9c50NUPC30zyuKprjL3vNZ0m5oG+jU0zvx4AqHGnv4k= -+github.com/go-playground/validator/v10 v10.14.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= - github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= --github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= --github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -+github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -+github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= - github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= - github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= - github.com/golang-collections/go-datastructures v0.0.0-20150211160725-59788d5eb259/go.mod h1:9Qcha0gTWLw//0VNka1Cbnjvg3pNKGFdAm7E9sBabxE= -@@ -104,8 +108,8 @@ github.com/golang/protobuf v1.4.0-rc.4.0 - github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= - github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= - github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= --github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= --github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -+github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -+github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= - github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= - github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= - github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -@@ -121,8 +125,8 @@ github.com/google/gopacket v1.1.17/go.mo - github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= - github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= - github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= --github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE= --github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -+github.com/google/pprof v0.0.0-20230602150820-91b7bce49751 h1:hR7/MlvK23p6+lIw9SN1TigNLn9ZnF3W4SYRKq2gAHs= -+github.com/google/pprof v0.0.0-20230602150820-91b7bce49751/go.mod h1:Jh3hGz2jkYak8qXPD19ryItVnUgpgeqzdkY/D0EaeuA= - github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= - github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= - github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -@@ -157,10 +161,9 @@ github.com/hashicorp/logutils v1.0.0/go. - github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= - github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= - github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= --github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= - github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= --github.com/jhump/protoreflect v1.15.0 h1:U5T5/2LF0AZQFP9T4W5GfBjBaTruomrKobiR4E+oA/Q= --github.com/jhump/protoreflect v1.15.0/go.mod h1:qww51KYjD2hoCl/ohxw5cK2LSssFczrbO1t8Ld2TENs= -+github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -+github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= - github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= - github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= - github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -@@ -168,21 +171,23 @@ github.com/jtolds/gls v4.20.0+incompatib - github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= - github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= - github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= --github.com/klauspost/compress v1.15.15 h1:EF27CXIuDsYJ6mmvtBRlEuB2UVOqHG1tAXgZ7yIO+lw= --github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4= --github.com/klauspost/cpuid v1.2.3 h1:CCtW0xUnWGVINKvE/WWOYKdsPV6mawAtvQuSl8guwQs= -+github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= -+github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= - github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= --github.com/klauspost/reedsolomon v1.9.3 h1:N/VzgeMfHmLc+KHMD1UL/tNkfXAt8FnUqlgXGIduwAY= -+github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= -+github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= - github.com/klauspost/reedsolomon v1.9.3/go.mod h1:CwCi+NUr9pqSVktrkN+Ondf06rkhYZ/pcNv7fu+8Un4= -+github.com/klauspost/reedsolomon v1.11.7 h1:9uaHU0slncktTEEg4+7Vl7q7XUNMBUOK4R9gnKhMjAU= -+github.com/klauspost/reedsolomon v1.11.7/go.mod h1:4bXRN+cVzMdml6ti7qLouuYi32KHJ5MGv0Qd8a47h6A= - github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= - github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= - github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= --github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= - github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= - github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= - github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= --github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= --github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= -+github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= -+github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= - github.com/lunixbochs/struc v0.0.0-20190916212049-a5c72983bc42/go.mod h1:vy1vK6wD6j7xX6O6hXe621WabdtNkou2h7uRtTfRMyg= - github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40 h1:EnfXoSqDfSNJv0VBNqY/88RNnhSGYkrHaO0mmFGbVsc= - github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40/go.mod h1:vy1vK6wD6j7xX6O6hXe621WabdtNkou2h7uRtTfRMyg= -@@ -191,8 +196,8 @@ github.com/mattn/go-colorable v0.0.9/go. - github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= - github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= - github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= --github.com/miekg/dns v1.1.51 h1:0+Xg7vObnhrz/4ZCZcZh7zPXlmU0aveS2HDBd0m0qSo= --github.com/miekg/dns v1.1.51/go.mod h1:2Z9d3CP1LQWihRZUf29mQ19yDThaI4DAYzte2CaQW5c= -+github.com/miekg/dns v1.1.54 h1:5jon9mWcb0sFJGpnI99tOMhCPyJ+RPVz5b63MQG0VWI= -+github.com/miekg/dns v1.1.54/go.mod h1:uInx36IzPl7FYnDcMeVWxj9byh7DutNykX4G9Sj60FY= - github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= - github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= - github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -@@ -212,9 +217,9 @@ github.com/mwitkow/go-conntrack v0.0.0-2 - github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= - github.com/neelance/sourcemap v0.0.0-20200213170602-2833bce08e4c/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM= - github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= --github.com/onsi/ginkgo/v2 v2.2.0 h1:3ZNA3L1c5FYDFTTxbFeVGGD8jYvjYauHD30YgLxVsNI= --github.com/onsi/ginkgo/v2 v2.2.0/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= --github.com/onsi/gomega v1.20.1 h1:PA/3qinGoukvymdIDV8pii6tiZgC8kbmJO6Z5+b002Q= -+github.com/onsi/ginkgo/v2 v2.10.0 h1:sfUl4qgLdvkChZrWCYndY2EAu9BRIw1YphNAzy1VNWs= -+github.com/onsi/ginkgo/v2 v2.10.0/go.mod h1:UDQOh5wbQUlMnkLfVaIUMtQ1Vus92oM+P2JX1aulgcE= -+github.com/onsi/gomega v1.27.7 h1:fVih9JD6ogIiHUN6ePK7HJidyEDpWGVB5mzM7cWNXoU= - github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= - github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= - github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= -@@ -224,23 +229,23 @@ github.com/pelletier/go-toml v1.9.5/go.m - github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc= - github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= - github.com/pion/dtls/v2 v2.0.0-rc.7/go.mod h1:U199DvHpRBN0muE9+tVN4TMy1jvEhZIZ63lk4xkvVSk= --github.com/pion/dtls/v2 v2.2.4 h1:YSfYwDQgrxMYXLBc/m7PFY5BVtWlNm/DN4qoU2CbcWg= --github.com/pion/dtls/v2 v2.2.4/go.mod h1:WGKfxqhrddne4Kg3p11FUMJrynkOY4lb25zHNO49wuw= -+github.com/pion/dtls/v2 v2.2.7 h1:cSUBsETxepsCSFSxC3mc/aDo14qQLMSL+O6IjG28yV8= -+github.com/pion/dtls/v2 v2.2.7/go.mod h1:8WiMkebSHFD0T+dIU+UeBaoV7kDhOW5oDCzZ7WZ/F9s= - github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY= - github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms= --github.com/pion/sctp v1.7.6 h1:8qZTdJtbKfAns/Hv5L0PAj8FyXcsKhMH1pKUCGisQg4= -+github.com/pion/randutil v0.1.0 h1:CFG1UdESneORglEsnimhUjf33Rwjubwj6xfiOXBa3mA= -+github.com/pion/randutil v0.1.0/go.mod h1:XcJrSMMbbMRhASFVOlj/5hQial/Y8oH/HVo7TBZq+j8= - github.com/pion/sctp v1.7.6/go.mod h1:ichkYQ5tlgCQwEwvgfdcAolqx1nHbYCxo4D7zK/K0X8= --github.com/pion/transport v0.8.10 h1:lTiobMEw2PG6BH/mgIVqTV2mBp/mPT+IJLaN8ZxgdHk= -+github.com/pion/sctp v1.8.7 h1:JnABvFakZueGAn4KU/4PSKg+GWbF6QWbKTWZOSGJjXw= -+github.com/pion/sctp v1.8.7/go.mod h1:g1Ul+ARqZq5JEmoFy87Q/4CePtKnTJ1QCL9dBBdN6AU= - github.com/pion/transport v0.8.10/go.mod h1:tBmha/UCjpum5hqTWhfAEs3CO4/tHSg0MYRhSzR+CZ8= --github.com/pion/transport/v2 v2.0.0 h1:bsMYyqHCbkvHwj+eNCFBuxtlKndKfyGI2vaQmM3fIE4= --github.com/pion/transport/v2 v2.0.0/go.mod h1:HS2MEBJTwD+1ZI2eSXSvHJx/HnzQqRy2/LXxt6eVMHc= --github.com/pion/udp v0.1.4 h1:OowsTmu1Od3sD6i3fQUJxJn2fEvJO6L1TidgadtbTI8= --github.com/pion/udp v0.1.4/go.mod h1:G8LDo56HsFwC24LIcnT4YIDU5qcB6NepqqjP0keL2us= --github.com/pires/go-proxyproto v0.6.2 h1:KAZ7UteSOt6urjme6ZldyFm4wDe/z0ZUP0Yv0Dos0d8= --github.com/pires/go-proxyproto v0.6.2/go.mod h1:Odh9VFOZJCf9G8cLW5o435Xf1J95Jw9Gw5rnCjcwzAY= -+github.com/pion/transport/v2 v2.1.0/go.mod h1:AdSw4YBZVDkZm8fpoz+fclXyQwANWmZAlDuQdctTThQ= -+github.com/pion/transport/v2 v2.2.1 h1:7qYnCBlpgSJNYMbLCKuSY9KbQdBFoETvPNETv0y4N7c= -+github.com/pion/transport/v2 v2.2.1/go.mod h1:cXXWavvCnFF6McHTft3DWS9iic2Mftcz1Aq29pGcU5g= -+github.com/pires/go-proxyproto v0.7.0 h1:IukmRewDQFWC7kfnb66CSomk2q/seBuilHBYFwyq0Hs= -+github.com/pires/go-proxyproto v0.7.0/go.mod h1:Vz/1JPY/OACxWGQNIRY2BeyDmpoaWmEP40O9LbuiFR4= - github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= - github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= --github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= - github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= - github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= - github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -@@ -259,15 +264,14 @@ github.com/quic-go/qtls-go1-19 v0.3.2 h1 - github.com/quic-go/qtls-go1-19 v0.3.2/go.mod h1:ySOI96ew8lnoKPtSqx2BlI5wCpUVPT05RMAlajtnyOI= - github.com/quic-go/qtls-go1-20 v0.2.2 h1:WLOPx6OY/hxtTxKV1Zrq20FtXtDEkeY00CGQm8GEa3E= - github.com/quic-go/qtls-go1-20 v0.2.2/go.mod h1:JKtK6mjbAVcUTN/9jZpvLbGxvdWIKS8uT7EiStoU1SM= --github.com/quic-go/quic-go v0.33.0 h1:ItNoTDN/Fm/zBlq769lLJc8ECe9gYaW40veHCCco7y0= --github.com/quic-go/quic-go v0.33.0/go.mod h1:YMuhaAV9/jIu0XclDXwZPAsP/2Kgr5yMYhe9oxhhOFA= -+github.com/quic-go/quic-go v0.36.0 h1:JIrO7p7Ug6hssFcARjWDiqS2RAKJHCiwPxBAA989rbI= -+github.com/quic-go/quic-go v0.36.0/go.mod h1:zPetvwDlILVxt15n3hr3Gf/I3mDf7LpLKPhR4Ez0AZQ= - github.com/refraction-networking/utls v1.3.2 h1:o+AkWB57mkcoW36ET7uJ002CpBWHu0KPxi6vzxvPnv8= - github.com/refraction-networking/utls v1.3.2/go.mod h1:fmoaOww2bxzzEpIKOebIsnBvjQpqP7L2vcm/9KUfm/E= - github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= - github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= - github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= - github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= --github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= - github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= - github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= - github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -@@ -304,9 +308,10 @@ github.com/stretchr/testify v1.6.1/go.mo - github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= - github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= - github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= --github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= --github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= - github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -+github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= - github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= - github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= - github.com/txthinking/runnergroup v0.0.0-20200327135940-540a793bb997/go.mod h1:CLUSJbazqETbaR+i0YAhXBICV9TrKH93pziccMhmhpM= -@@ -322,21 +327,22 @@ github.com/xiang90/probing v0.0.0-201901 - github.com/xiaokangwang/VLite v0.0.0-20220418190619-cff95160a432 h1:I/ATawgO2RerCq9ACwL0wBB8xNXZdE3J+93MCEHReRs= - github.com/xiaokangwang/VLite v0.0.0-20220418190619-cff95160a432/go.mod h1:QN7Go2ftTVfx0aCTh9RXHV8pkpi0FtmbwQw40dy61wQ= - github.com/xtaci/smux v1.5.12/go.mod h1:OMlQbT5vcgl2gb49mFkYo6SMf+zP3rcjcwQz7ZU7IGY= --github.com/xtaci/smux v1.5.15 h1:6hMiXswcleXj5oNfcJc+DXS8Vj36XX2LaX98udog6Kc= - github.com/xtaci/smux v1.5.15/go.mod h1:OMlQbT5vcgl2gb49mFkYo6SMf+zP3rcjcwQz7ZU7IGY= -+github.com/xtaci/smux v1.5.24 h1:77emW9dtnOxxOQ5ltR+8BbsX1kzcOxQ5gB+aaV9hXOY= -+github.com/xtaci/smux v1.5.24/go.mod h1:OMlQbT5vcgl2gb49mFkYo6SMf+zP3rcjcwQz7ZU7IGY= - github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= - github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= - github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= - go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= - go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= - go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= --go.starlark.net v0.0.0-20220817180228-f738f5508c12 h1:xOBJXWGEDwU5xSDxH6macxO11Us0AH2fTa9rmsbbF7g= --go.starlark.net v0.0.0-20220817180228-f738f5508c12/go.mod h1:VZcBMdr3cT3PnBoWunTabuSEXwVAH+ZJ5zxfs3AdASk= -+go.starlark.net v0.0.0-20230612165344-9532f5667272 h1:2/wtqS591wZyD2OsClsVBKRPEvBsQt/Js+fsCiYhwu8= -+go.starlark.net v0.0.0-20230612165344-9532f5667272/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= - go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= - go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= - go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= --go4.org/netipx v0.0.0-20220812043211-3cc044ffd68d h1:ggxwEf5eu0l8v+87VhX1czFh8zJul3hK16Gmruxn7hw= --go4.org/netipx v0.0.0-20220812043211-3cc044ffd68d/go.mod h1:tgPU4N2u9RByaTN3NC2p9xOzyFpte4jYwsIIRF7XlSc= -+go4.org/netipx v0.0.0-20230303233057-f1b76eb4bb35 h1:nJAwRlGWZZDOD+6wni9KVUNHMpHko/OnRwsrCYeAzPo= -+go4.org/netipx v0.0.0-20230303233057-f1b76eb4bb35/go.mod h1:TQvodOM+hJTioNQJilmLXu08JNb8i+ccq418+KWu1/Y= - golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= - golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= - golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -@@ -348,16 +354,16 @@ golang.org/x/crypto v0.0.0-2020062221362 - golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= - golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= - golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= --golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= --golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= --golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -+golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= -+golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= -+golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= - golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= - golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= - golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= - golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= - golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= --golang.org/x/exp v0.0.0-20221205204356-47842c84f3db h1:D/cFflL63o2KSLJIwjlcIt8PR064j/xsmdEJL/YvY/o= --golang.org/x/exp v0.0.0-20221205204356-47842c84f3db/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= -+golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= -+golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= - golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= - golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= - golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -@@ -374,8 +380,9 @@ golang.org/x/mod v0.1.0/go.mod h1:0QHyrY - golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= - golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= - golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= --golang.org/x/mod v0.7.0 h1:LapD9S96VoQRhi/GrNTqeBJFrUjs5UHCAtTlgwA5oZA= --golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -+golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= -+golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= - golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= - golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= - golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -@@ -395,11 +402,11 @@ golang.org/x/net v0.0.0-20201021035429-f - golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= - golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= - golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= --golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= --golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= --golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= --golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= --golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -+golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -+golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -+golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= -+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= - golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= - golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= - golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -@@ -411,8 +418,9 @@ golang.org/x/sync v0.0.0-20190423024810- - golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= - golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= - golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= --golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= - golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -+golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI= -+golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= - golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= - golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= - golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -@@ -429,7 +437,6 @@ golang.org/x/sys v0.0.0-20190507160741-e - golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= --golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -@@ -440,27 +447,29 @@ golang.org/x/sys v0.0.0-20210510120138-9 - golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= - golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= - golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= - golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= --golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= --golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= --golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= --golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= --golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= - golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -+golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= -+golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= - golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= - golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= --golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= --golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= --golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= -+golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -+golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -+golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= - golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= - golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= - golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= - golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= - golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= --golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= --golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= --golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= - golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -+golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -+golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= -+golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= - golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= - golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= - golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -@@ -485,8 +494,9 @@ golang.org/x/tools v0.0.0-20191119224855 - golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= - golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= - golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= --golang.org/x/tools v0.3.0 h1:SrNbZl6ECOS1qFzgTdQfWXZM9XBkiA6tkFrH9YSTPHM= --golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= -+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -+golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= -+golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= - golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= - golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= - golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -@@ -510,15 +520,15 @@ google.golang.org/genproto v0.0.0-201908 - google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= - google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= - google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= --google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f h1:BWUVssLB0HVOSY78gIdvk1dTVYtT1y8SBWtPYuTJ/6w= --google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -+google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc h1:XSJ8Vk1SWuNr8S18z1NZSziL0CPIXLCCMDOEFtHBOFc= -+google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= - google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= - google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= - google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= - google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= - google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= --google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc= --google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= -+google.golang.org/grpc v1.55.0 h1:3Oj82/tFSCeUrRTg/5E/7d/W5A1tj6Ky1ABAuZuv5ag= -+google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8= - google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= - google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= - google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -@@ -529,13 +539,13 @@ google.golang.org/protobuf v1.23.1-0.202 - google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= - google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= - google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= --google.golang.org/protobuf v1.28.2-0.20220831092852-f930b1dc76e8 h1:KR8+MyP7/qOlV+8Af01LtjL04bu7on42eVsxT4EyBQk= --google.golang.org/protobuf v1.28.2-0.20220831092852-f930b1dc76e8/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= - gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= - gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= - gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= - gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= --gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= - gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= - gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= - gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= ---- a/transport/internet/quic/dialer.go -+++ b/transport/internet/quic/dialer.go -@@ -150,7 +150,6 @@ func (s *clientConnections) openConnecti - } - - quicConfig := &quic.Config{ -- ConnectionIDLength: 12, - HandshakeIdleTimeout: time.Second * 8, - MaxIdleTimeout: time.Second * 30, - KeepAlivePeriod: time.Second * 15, -@@ -162,7 +161,12 @@ func (s *clientConnections) openConnecti - return nil, err - } - -- conn, err := quic.DialContext(context.Background(), sysConn, destAddr, "", tlsConfig.GetTLSConfig(tls.WithDestination(dest)), quicConfig) -+ tr := quic.Transport{ -+ Conn: sysConn, -+ ConnectionIDLength: 12, -+ } -+ -+ conn, err := tr.Dial(context.Background(), destAddr, tlsConfig.GetTLSConfig(tls.WithDestination(dest)), quicConfig) - if err != nil { - sysConn.Close() - return nil, err ---- a/transport/internet/quic/hub.go -+++ b/transport/internet/quic/hub.go -@@ -17,7 +17,7 @@ import ( - // Listener is an internet.Listener that listens for TCP connections. - type Listener struct { - rawConn *sysConn -- listener quic.Listener -+ listener *quic.Listener - done *done.Instance - addConn internet.ConnHandler - } -@@ -102,7 +102,6 @@ func Listen(ctx context.Context, address - } - - quicConfig := &quic.Config{ -- ConnectionIDLength: 12, - HandshakeIdleTimeout: time.Second * 8, - MaxIdleTimeout: time.Second * 45, - MaxIncomingStreams: 32, -@@ -116,7 +115,12 @@ func Listen(ctx context.Context, address - return nil, err - } - -- qListener, err := quic.Listen(conn, tlsConfig.GetTLSConfig(), quicConfig) -+ tr := quic.Transport{ -+ Conn: conn, -+ ConnectionIDLength: 12, -+ } -+ -+ qListener, err := tr.Listen(tlsConfig.GetTLSConfig(), quicConfig) - if err != nil { - conn.Close() - return nil, err diff --git a/net/v2ray-core/patches/003-fix-panic-in-dns-over-quic-when-address-is-a-ip.patch b/net/v2ray-core/patches/003-fix-panic-in-dns-over-quic-when-address-is-a-ip.patch deleted file mode 100644 index 23bac4b945..0000000000 --- a/net/v2ray-core/patches/003-fix-panic-in-dns-over-quic-when-address-is-a-ip.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 5c995d97f43e8e97ee0cb3d1aa12450d3968c8d2 Mon Sep 17 00:00:00 2001 -From: AkinoKaede -Date: Sun, 2 Jul 2023 09:47:33 +0800 -Subject: [PATCH] fix: panic in dns over quic when address is a ip - ---- - app/dns/nameserver_quic.go | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - ---- a/app/dns/nameserver_quic.go -+++ b/app/dns/nameserver_quic.go -@@ -378,7 +378,16 @@ func (s *QUICNameServer) getConnection(c - - func (s *QUICNameServer) openConnection(ctx context.Context) (quic.Connection, error) { - tlsConfig := tls.Config{ -- ServerName: s.destination.Address.Domain(), -+ ServerName: func() string { -+ switch s.destination.Address.Family() { -+ case net.AddressFamilyIPv4, net.AddressFamilyIPv6: -+ return s.destination.Address.IP().String() -+ case net.AddressFamilyDomain: -+ return s.destination.Address.Domain() -+ default: -+ panic("unknown address family") -+ } -+ }(), - } - quicConfig := &quic.Config{ - HandshakeIdleTimeout: handshakeIdleTimeout, diff --git a/net/v2ray-core/patches/004-feat-bulit-in-qtls-cipher-suite-implementation.patch b/net/v2ray-core/patches/004-feat-bulit-in-qtls-cipher-suite-implementation.patch deleted file mode 100644 index 54d447658d..0000000000 --- a/net/v2ray-core/patches/004-feat-bulit-in-qtls-cipher-suite-implementation.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 8c5bcacb996cfecccd71471b682aef9a15da2499 Mon Sep 17 00:00:00 2001 -From: AkinoKaede -Date: Mon, 17 Jul 2023 12:38:25 +0800 -Subject: [PATCH] feat: bulit-in qtls cipher suite implementation - ---- - common/protocol/quic/cipher_suite.go | 23 +++++++++++++++++++++++ - common/protocol/quic/qtls_go119.go | 18 ------------------ - common/protocol/quic/qtls_go120.go | 18 ------------------ - common/protocol/quic/sniff.go | 6 +++--- - go.mod | 4 ++-- - go.sum | 2 ++ - 6 files changed, 30 insertions(+), 41 deletions(-) - create mode 100644 common/protocol/quic/cipher_suite.go - delete mode 100644 common/protocol/quic/qtls_go119.go - delete mode 100644 common/protocol/quic/qtls_go120.go - ---- /dev/null -+++ b/common/protocol/quic/cipher_suite.go -@@ -0,0 +1,23 @@ -+package quic -+ -+import ( -+ "crypto" -+ "crypto/cipher" -+ _ "crypto/tls" -+ _ "unsafe" -+) -+ -+// copied from github.com/quic-go/quic-go/internal/qtls/cipher_suite_go121.go -+ -+type cipherSuiteTLS13 struct { -+ ID uint16 -+ KeyLen int -+ AEAD func(key, fixedNonce []byte) cipher.AEAD -+ Hash crypto.Hash -+} -+ -+// github.com/quic-go/quic-go/internal/handshake/cipher_suite.go describes these cipher suite implementations are copied from the standard library crypto/tls package. -+// So we can user go:linkname to implement the same feature. -+ -+//go:linkname aeadAESGCMTLS13 crypto/tls.aeadAESGCMTLS13 -+func aeadAESGCMTLS13(key, nonceMask []byte) cipher.AEAD ---- a/common/protocol/quic/qtls_go119.go -+++ /dev/null -@@ -1,18 +0,0 @@ --//go:build go1.19 && !go1.20 -- --package quic -- --import ( -- "crypto/cipher" -- -- "github.com/quic-go/qtls-go1-19" --) -- --type ( -- // A CipherSuiteTLS13 is a cipher suite for TLS 1.3 -- CipherSuiteTLS13 = qtls.CipherSuiteTLS13 --) -- --func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { -- return qtls.AEADAESGCMTLS13(key, fixedNonce) --} ---- a/common/protocol/quic/qtls_go120.go -+++ /dev/null -@@ -1,18 +0,0 @@ --//go:build go1.20 -- --package quic -- --import ( -- "crypto/cipher" -- -- "github.com/quic-go/qtls-go1-20" --) -- --type ( -- // A CipherSuiteTLS13 is a cipher suite for TLS 1.3 -- CipherSuiteTLS13 = qtls.CipherSuiteTLS13 --) -- --func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { -- return qtls.AEADAESGCMTLS13(key, fixedNonce) --} ---- a/common/protocol/quic/sniff.go -+++ b/common/protocol/quic/sniff.go -@@ -37,10 +37,10 @@ const ( - var ( - quicSaltOld = []byte{0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99} - quicSalt = []byte{0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a} -- initialSuite = &CipherSuiteTLS13{ -+ initialSuite = &cipherSuiteTLS13{ - ID: tls.TLS_AES_128_GCM_SHA256, - KeyLen: 16, -- AEAD: AEADAESGCMTLS13, -+ AEAD: aeadAESGCMTLS13, - Hash: crypto.SHA256, - } - errNotQuic = errors.New("not quic") -@@ -153,7 +153,7 @@ func SniffQUIC(b []byte) (*SniffHeader, - - key := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16) - iv := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12) -- cipher := AEADAESGCMTLS13(key, iv) -+ cipher := aeadAESGCMTLS13(key, iv) - nonce := cache.Extend(int32(cipher.NonceSize())) - binary.BigEndian.PutUint64(nonce[len(nonce)-8:], uint64(packetNumber)) - decrypted, err := cipher.Open(b[extHdrLen:extHdrLen], nonce, data, b[:extHdrLen]) diff --git a/net/v2ray-core/patches/010-chore-go-update-dependencies.patch b/net/v2ray-core/patches/010-chore-go-update-dependencies.patch deleted file mode 100644 index c745aebd08..0000000000 --- a/net/v2ray-core/patches/010-chore-go-update-dependencies.patch +++ /dev/null @@ -1,40 +0,0 @@ ---- a/go.mod -+++ b/go.mod -@@ -16,9 +16,7 @@ require ( - github.com/mustafaturan/bus v1.0.2 - github.com/pelletier/go-toml v1.9.5 - github.com/pires/go-proxyproto v0.7.0 -- github.com/quic-go/qtls-go1-19 v0.3.2 -- github.com/quic-go/qtls-go1-20 v0.2.2 -- github.com/quic-go/quic-go v0.36.0 -+ github.com/quic-go/quic-go v0.37.4 - github.com/refraction-networking/utls v1.3.2 - github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb - github.com/stretchr/testify v1.8.4 -@@ -67,6 +65,7 @@ require ( - github.com/pion/sctp v1.8.7 // indirect - github.com/pion/transport/v2 v2.2.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect -+ github.com/quic-go/qtls-go1-20 v0.3.1 // indirect - github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect - github.com/secure-io/siv-go v0.0.0-20180922214919-5ff40651e2c4 // indirect - github.com/xtaci/smux v1.5.24 // indirect ---- a/go.sum -+++ b/go.sum -@@ -260,12 +260,10 @@ github.com/prometheus/common v0.4.0/go.m - github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= - github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= - github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= --github.com/quic-go/qtls-go1-19 v0.3.2 h1:tFxjCFcTQzK+oMxG6Zcvp4Dq8dx4yD3dDiIiyc86Z5U= --github.com/quic-go/qtls-go1-19 v0.3.2/go.mod h1:ySOI96ew8lnoKPtSqx2BlI5wCpUVPT05RMAlajtnyOI= --github.com/quic-go/qtls-go1-20 v0.2.2 h1:WLOPx6OY/hxtTxKV1Zrq20FtXtDEkeY00CGQm8GEa3E= --github.com/quic-go/qtls-go1-20 v0.2.2/go.mod h1:JKtK6mjbAVcUTN/9jZpvLbGxvdWIKS8uT7EiStoU1SM= --github.com/quic-go/quic-go v0.36.0 h1:JIrO7p7Ug6hssFcARjWDiqS2RAKJHCiwPxBAA989rbI= --github.com/quic-go/quic-go v0.36.0/go.mod h1:zPetvwDlILVxt15n3hr3Gf/I3mDf7LpLKPhR4Ez0AZQ= -+github.com/quic-go/qtls-go1-20 v0.3.1 h1:O4BLOM3hwfVF3AcktIylQXyl7Yi2iBNVy5QsV+ySxbg= -+github.com/quic-go/qtls-go1-20 v0.3.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -+github.com/quic-go/quic-go v0.37.4 h1:ke8B73yMCWGq9MfrCCAw0Uzdm7GaViC3i39dsIdDlH4= -+github.com/quic-go/quic-go v0.37.4/go.mod h1:YsbH1r4mSHPJcLF4k4zruUkLBqctEMBDR6VPvcYjIsU= - github.com/refraction-networking/utls v1.3.2 h1:o+AkWB57mkcoW36ET7uJ002CpBWHu0KPxi6vzxvPnv8= - github.com/refraction-networking/utls v1.3.2/go.mod h1:fmoaOww2bxzzEpIKOebIsnBvjQpqP7L2vcm/9KUfm/E= - github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From 303f0ad5ed690a22de5bfe959975d0d19511043a Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Sat, 7 Oct 2023 12:59:43 +0800 Subject: [PATCH 54/54] dnsproxy: Update to 0.56.0 Signed-off-by: Tianling Shen --- net/dnsproxy/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/dnsproxy/Makefile b/net/dnsproxy/Makefile index f8b4735f05..20d25d60f0 100644 --- a/net/dnsproxy/Makefile +++ b/net/dnsproxy/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsproxy -PKG_VERSION:=0.55.0 +PKG_VERSION:=0.56.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/dnsproxy/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=fecda5ee48a2f43edce47fe3e384ab931c36abd24aa09198014f8fd90f6a4664 +PKG_HASH:=841a83d2bc7f186fb83d5187993ebb21855afa827a9cdc6f976201feb7fcf3f7 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=Apache-2.0